1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2019, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
6 #define DIRCLIENT_PRIVATE
8 #include "core/or/or.h"
10 #include "app/config/config.h"
11 #include "core/mainloop/connection.h"
12 #include "core/mainloop/mainloop.h"
13 #include "core/or/connection_edge.h"
14 #include "core/or/policies.h"
15 #include "feature/client/bridges.h"
16 #include "feature/client/entrynodes.h"
17 #include "feature/control/control.h"
18 #include "feature/dirauth/authmode.h"
19 #include "feature/dirauth/dirvote.h"
20 #include "feature/dirauth/shared_random.h"
21 #include "feature/dircache/dirserv.h"
22 #include "feature/dirclient/dirclient.h"
23 #include "feature/dirclient/dlstatus.h"
24 #include "feature/dircommon/consdiff.h"
25 #include "feature/dircommon/directory.h"
26 #include "feature/dircommon/fp_pair.h"
27 #include "feature/hs/hs_cache.h"
28 #include "feature/hs/hs_client.h"
29 #include "feature/hs/hs_control.h"
30 #include "feature/nodelist/authcert.h"
31 #include "feature/nodelist/describe.h"
32 #include "feature/nodelist/dirlist.h"
33 #include "feature/nodelist/microdesc.h"
34 #include "feature/nodelist/networkstatus.h"
35 #include "feature/nodelist/node_select.h"
36 #include "feature/nodelist/nodelist.h"
37 #include "feature/nodelist/routerinfo.h"
38 #include "feature/nodelist/routerlist.h"
39 #include "feature/nodelist/routerset.h"
40 #include "feature/relay/routermode.h"
41 #include "feature/relay/selftest.h"
42 #include "feature/rend/rendcache.h"
43 #include "feature/rend/rendclient.h"
44 #include "feature/rend/rendcommon.h"
45 #include "feature/rend/rendservice.h"
46 #include "feature/stats/predict_ports.h"
48 #include "lib/compress/compress.h"
49 #include "lib/crypt_ops/crypto_format.h"
50 #include "lib/crypt_ops/crypto_util.h"
51 #include "lib/encoding/confline.h"
52 #include "lib/err/backtrace.h"
54 #include "core/or/entry_connection_st.h"
55 #include "feature/dircache/cached_dir_st.h"
56 #include "feature/dirclient/dir_server_st.h"
57 #include "feature/dircommon/dir_connection_st.h"
58 #include "feature/nodelist/networkstatus_st.h"
59 #include "feature/nodelist/node_st.h"
60 #include "feature/nodelist/routerinfo_st.h"
61 #include "feature/rend/rend_service_descriptor_st.h"
63 /** Maximum size, in bytes, for any directory object that we've downloaded. */
64 #define MAX_DIR_DL_SIZE ((1<<24)-1) /* 16 MB - 1 */
66 /** How far in the future do we allow a directory server to tell us it is
67 * before deciding that one of us has the wrong time? */
68 #define ALLOW_DIRECTORY_TIME_SKEW (30*60)
70 static int body_is_plausible(const char *body
, size_t body_len
, int purpose
);
71 static void connection_dir_download_routerdesc_failed(dir_connection_t
*conn
);
72 static void connection_dir_bridge_routerdesc_failed(dir_connection_t
*conn
);
73 static void connection_dir_download_cert_failed(
74 dir_connection_t
*conn
, int status_code
);
75 static void connection_dir_retry_bridges(smartlist_t
*descs
);
76 static void dir_routerdesc_download_failed(smartlist_t
*failed
,
80 int was_descriptor_digests
);
81 static void dir_microdesc_download_failed(smartlist_t
*failed
,
84 static void directory_send_command(dir_connection_t
*conn
,
86 const directory_request_t
*req
);
87 static void connection_dir_close_consensus_fetches(
88 dir_connection_t
*except_this_one
, const char *resource
);
90 /** Return a string describing a given directory connection purpose. */
92 dir_conn_purpose_to_string(int purpose
)
96 case DIR_PURPOSE_UPLOAD_DIR
:
97 return "server descriptor upload";
98 case DIR_PURPOSE_UPLOAD_VOTE
:
99 return "server vote upload";
100 case DIR_PURPOSE_UPLOAD_SIGNATURES
:
101 return "consensus signature upload";
102 case DIR_PURPOSE_FETCH_SERVERDESC
:
103 return "server descriptor fetch";
104 case DIR_PURPOSE_FETCH_EXTRAINFO
:
105 return "extra-info fetch";
106 case DIR_PURPOSE_FETCH_CONSENSUS
:
107 return "consensus network-status fetch";
108 case DIR_PURPOSE_FETCH_CERTIFICATE
:
109 return "authority cert fetch";
110 case DIR_PURPOSE_FETCH_STATUS_VOTE
:
111 return "status vote fetch";
112 case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES
:
113 return "consensus signature fetch";
114 case DIR_PURPOSE_FETCH_RENDDESC_V2
:
115 return "hidden-service v2 descriptor fetch";
116 case DIR_PURPOSE_UPLOAD_RENDDESC_V2
:
117 return "hidden-service v2 descriptor upload";
118 case DIR_PURPOSE_FETCH_HSDESC
:
119 return "hidden-service descriptor fetch";
120 case DIR_PURPOSE_UPLOAD_HSDESC
:
121 return "hidden-service descriptor upload";
122 case DIR_PURPOSE_FETCH_MICRODESC
:
123 return "microdescriptor fetch";
126 log_warn(LD_BUG
, "Called with unknown purpose %d", purpose
);
130 /** Return the requisite directory information types. */
131 STATIC dirinfo_type_t
132 dir_fetch_type(int dir_purpose
, int router_purpose
, const char *resource
)
135 switch (dir_purpose
) {
136 case DIR_PURPOSE_FETCH_EXTRAINFO
:
137 type
= EXTRAINFO_DIRINFO
;
138 if (router_purpose
== ROUTER_PURPOSE_BRIDGE
)
139 type
|= BRIDGE_DIRINFO
;
143 case DIR_PURPOSE_FETCH_SERVERDESC
:
144 if (router_purpose
== ROUTER_PURPOSE_BRIDGE
)
145 type
= BRIDGE_DIRINFO
;
149 case DIR_PURPOSE_FETCH_STATUS_VOTE
:
150 case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES
:
151 case DIR_PURPOSE_FETCH_CERTIFICATE
:
154 case DIR_PURPOSE_FETCH_CONSENSUS
:
156 if (resource
&& !strcmp(resource
, "microdesc"))
157 type
|= MICRODESC_DIRINFO
;
159 case DIR_PURPOSE_FETCH_MICRODESC
:
160 type
= MICRODESC_DIRINFO
;
163 log_warn(LD_BUG
, "Unexpected purpose %d", (int)dir_purpose
);
170 /** Return true iff <b>identity_digest</b> is the digest of a router which
171 * says that it caches extrainfos. (If <b>is_authority</b> we always
172 * believe that to be true.) */
174 router_supports_extrainfo(const char *identity_digest
, int is_authority
)
176 const node_t
*node
= node_get_by_id(identity_digest
);
178 if (node
&& node
->ri
) {
179 if (node
->ri
->caches_extra_info
)
188 /** Return true iff any trusted directory authority has accepted our
191 * We consider any authority sufficient because waiting for all of
192 * them means it never happens while any authority is down; we don't
193 * go for something more complex in the middle (like \>1/3 or \>1/2 or
194 * \>=1/2) because that doesn't seem necessary yet.
197 directories_have_accepted_server_descriptor(void)
199 const smartlist_t
*servers
= router_get_trusted_dir_servers();
200 const or_options_t
*options
= get_options();
201 SMARTLIST_FOREACH(servers
, dir_server_t
*, d
, {
202 if ((d
->type
& options
->PublishServerDescriptor_
) &&
203 d
->has_accepted_serverdesc
) {
210 /** Start a connection to every suitable directory authority, using
211 * connection purpose <b>dir_purpose</b> and uploading <b>payload</b>
212 * (of length <b>payload_len</b>). The dir_purpose should be one of
213 * 'DIR_PURPOSE_UPLOAD_{DIR|VOTE|SIGNATURES}'.
215 * <b>router_purpose</b> describes the type of descriptor we're
216 * publishing, if we're publishing a descriptor -- e.g. general or bridge.
218 * <b>type</b> specifies what sort of dir authorities (V3,
219 * BRIDGE, etc) we should upload to.
221 * If <b>extrainfo_len</b> is nonzero, the first <b>payload_len</b> bytes of
222 * <b>payload</b> hold a router descriptor, and the next <b>extrainfo_len</b>
223 * bytes of <b>payload</b> hold an extra-info document. Upload the descriptor
224 * to all authorities, and the extra-info document to all authorities that
228 directory_post_to_dirservers(uint8_t dir_purpose
, uint8_t router_purpose
,
231 size_t payload_len
, size_t extrainfo_len
)
233 const or_options_t
*options
= get_options();
234 dir_indirection_t indirection
;
235 const smartlist_t
*dirservers
= router_get_trusted_dir_servers();
237 const int exclude_self
= (dir_purpose
== DIR_PURPOSE_UPLOAD_VOTE
||
238 dir_purpose
== DIR_PURPOSE_UPLOAD_SIGNATURES
);
239 tor_assert(dirservers
);
240 /* This tries dirservers which we believe to be down, but ultimately, that's
241 * harmless, and we may as well err on the side of getting things uploaded.
243 SMARTLIST_FOREACH_BEGIN(dirservers
, dir_server_t
*, ds
) {
244 routerstatus_t
*rs
= &(ds
->fake_status
);
245 size_t upload_len
= payload_len
;
247 if ((type
& ds
->type
) == 0)
250 if (exclude_self
&& router_digest_is_me(ds
->digest
)) {
251 /* we don't upload to ourselves, but at least there's now at least
252 * one authority of this type that has what we wanted to upload. */
257 if (options
->StrictNodes
&&
258 routerset_contains_routerstatus(options
->ExcludeNodes
, rs
, -1)) {
259 log_warn(LD_DIR
, "Wanted to contact authority '%s' for %s, but "
260 "it's in our ExcludedNodes list and StrictNodes is set. "
263 dir_conn_purpose_to_string(dir_purpose
));
267 found
= 1; /* at least one authority of this type was listed */
268 if (dir_purpose
== DIR_PURPOSE_UPLOAD_DIR
)
269 ds
->has_accepted_serverdesc
= 0;
271 if (extrainfo_len
&& router_supports_extrainfo(ds
->digest
, 1)) {
272 upload_len
+= extrainfo_len
;
273 log_info(LD_DIR
, "Uploading an extrainfo too (length %d)",
274 (int) extrainfo_len
);
276 if (purpose_needs_anonymity(dir_purpose
, router_purpose
, NULL
)) {
277 indirection
= DIRIND_ANONYMOUS
;
278 } else if (!fascist_firewall_allows_dir_server(ds
,
279 FIREWALL_DIR_CONNECTION
,
281 if (fascist_firewall_allows_dir_server(ds
, FIREWALL_OR_CONNECTION
, 0))
282 indirection
= DIRIND_ONEHOP
;
284 indirection
= DIRIND_ANONYMOUS
;
286 indirection
= DIRIND_DIRECT_CONN
;
289 directory_request_t
*req
= directory_request_new(dir_purpose
);
290 directory_request_set_routerstatus(req
, rs
);
291 directory_request_set_router_purpose(req
, router_purpose
);
292 directory_request_set_indirection(req
, indirection
);
293 directory_request_set_payload(req
, payload
, upload_len
);
294 directory_initiate_request(req
);
295 directory_request_free(req
);
296 } SMARTLIST_FOREACH_END(ds
);
298 char *s
= authdir_type_to_string(type
);
299 log_warn(LD_DIR
, "Publishing server descriptor to directory authorities "
300 "of type '%s', but no authorities of that type listed!", s
);
305 /** Return true iff, according to the values in <b>options</b>, we should be
306 * using directory guards for direct downloads of directory information. */
308 should_use_directory_guards(const or_options_t
*options
)
310 /* Public (non-bridge) servers never use directory guards. */
311 if (public_server_mode(options
))
313 /* If guards are disabled, we can't use directory guards.
315 if (!options
->UseEntryGuards
)
317 /* If we're configured to fetch directory info aggressively or of a
318 * nonstandard type, don't use directory guards. */
319 if (options
->DownloadExtraInfo
|| options
->FetchDirInfoEarly
||
320 options
->FetchDirInfoExtraEarly
|| options
->FetchUselessDescriptors
)
325 /** Pick an unconstrained directory server from among our guards, the latest
326 * networkstatus, or the fallback dirservers, for use in downloading
327 * information of type <b>type</b>, and return its routerstatus. */
328 static const routerstatus_t
*
329 directory_pick_generic_dirserver(dirinfo_type_t type
, int pds_flags
,
331 circuit_guard_state_t
**guard_state_out
)
333 const routerstatus_t
*rs
= NULL
;
334 const or_options_t
*options
= get_options();
336 if (options
->UseBridges
)
337 log_warn(LD_BUG
, "Called when we have UseBridges set.");
339 if (should_use_directory_guards(options
)) {
340 const node_t
*node
= guards_choose_dirguard(dir_purpose
, guard_state_out
);
344 /* anybody with a non-zero dirport will do */
345 rs
= router_pick_directory_server(type
, pds_flags
);
348 log_info(LD_DIR
, "No router found for %s; falling back to "
349 "dirserver list.", dir_conn_purpose_to_string(dir_purpose
));
350 rs
= router_pick_fallback_dirserver(type
, pds_flags
);
357 * Set the extra fields in <b>req</b> that are used when requesting a
358 * consensus of type <b>resource</b>.
360 * Right now, these fields are if-modified-since and x-or-diff-from-consensus.
363 dir_consensus_request_set_additional_headers(directory_request_t
*req
,
364 const char *resource
)
366 time_t if_modified_since
= 0;
367 uint8_t or_diff_from
[DIGEST256_LEN
];
368 int or_diff_from_is_set
= 0;
370 /* DEFAULT_IF_MODIFIED_SINCE_DELAY is 1/20 of the default consensus
373 const int DEFAULT_IF_MODIFIED_SINCE_DELAY
= 180;
374 const int32_t DEFAULT_TRY_DIFF_FOR_CONSENSUS_NEWER
= 72;
375 const int32_t MIN_TRY_DIFF_FOR_CONSENSUS_NEWER
= 0;
376 const int32_t MAX_TRY_DIFF_FOR_CONSENSUS_NEWER
= 8192;
377 const char TRY_DIFF_FOR_CONSENSUS_NEWER_NAME
[] =
378 "try-diff-for-consensus-newer-than";
382 flav
= networkstatus_parse_flavor_name(resource
);
384 int32_t max_age_for_diff
= 3600 *
385 networkstatus_get_param(NULL
,
386 TRY_DIFF_FOR_CONSENSUS_NEWER_NAME
,
387 DEFAULT_TRY_DIFF_FOR_CONSENSUS_NEWER
,
388 MIN_TRY_DIFF_FOR_CONSENSUS_NEWER
,
389 MAX_TRY_DIFF_FOR_CONSENSUS_NEWER
);
392 /* IF we have a parsed consensus of this type, we can do an
393 * if-modified-time based on it. */
395 v
= networkstatus_get_latest_consensus_by_flavor(flav
);
397 /* In networks with particularly short V3AuthVotingIntervals,
398 * ask for the consensus if it's been modified since half the
399 * V3AuthVotingInterval of the most recent consensus. */
400 time_t ims_delay
= DEFAULT_IF_MODIFIED_SINCE_DELAY
;
401 if (v
->fresh_until
> v
->valid_after
402 && ims_delay
> (v
->fresh_until
- v
->valid_after
)/2) {
403 ims_delay
= (v
->fresh_until
- v
->valid_after
)/2;
405 if_modified_since
= v
->valid_after
+ ims_delay
;
406 if (v
->valid_after
>= approx_time() - max_age_for_diff
) {
407 memcpy(or_diff_from
, v
->digest_sha3_as_signed
, DIGEST256_LEN
);
408 or_diff_from_is_set
= 1;
412 /* Otherwise it might be a consensus we don't parse, but which we
413 * do cache. Look at the cached copy, perhaps. */
414 cached_dir_t
*cd
= dirserv_get_consensus(resource
);
415 /* We have no method of determining the voting interval from an
416 * unparsed consensus, so we use the default. */
418 if_modified_since
= cd
->published
+ DEFAULT_IF_MODIFIED_SINCE_DELAY
;
419 if (cd
->published
>= approx_time() - max_age_for_diff
) {
420 memcpy(or_diff_from
, cd
->digest_sha3_as_signed
, DIGEST256_LEN
);
421 or_diff_from_is_set
= 1;
426 if (if_modified_since
> 0)
427 directory_request_set_if_modified_since(req
, if_modified_since
);
428 if (or_diff_from_is_set
) {
429 char hex
[HEX_DIGEST256_LEN
+ 1];
430 base16_encode(hex
, sizeof(hex
),
431 (const char*)or_diff_from
, sizeof(or_diff_from
));
432 directory_request_add_header(req
, X_OR_DIFF_FROM_CONSENSUS_HEADER
, hex
);
435 /** Start a connection to a random running directory server, using
436 * connection purpose <b>dir_purpose</b>, intending to fetch descriptors
437 * of purpose <b>router_purpose</b>, and requesting <b>resource</b>.
438 * Use <b>pds_flags</b> as arguments to router_pick_directory_server()
439 * or router_pick_trusteddirserver().
442 directory_get_from_dirserver
,(
444 uint8_t router_purpose
,
445 const char *resource
,
447 download_want_authority_t want_authority
))
449 const routerstatus_t
*rs
= NULL
;
450 const or_options_t
*options
= get_options();
451 int prefer_authority
= (directory_fetches_from_authorities(options
)
452 || want_authority
== DL_WANT_AUTHORITY
);
453 int require_authority
= 0;
454 int get_via_tor
= purpose_needs_anonymity(dir_purpose
, router_purpose
,
456 dirinfo_type_t type
= dir_fetch_type(dir_purpose
, router_purpose
, resource
);
458 if (type
== NO_DIRINFO
)
461 if (!options
->FetchServerDescriptors
)
464 circuit_guard_state_t
*guard_state
= NULL
;
466 if (options
->UseBridges
&& !(type
& BRIDGE_DIRINFO
)) {
467 /* We want to ask a running bridge for which we have a descriptor.
469 * When we ask choose_random_entry() for a bridge, we specify what
470 * sort of dir fetch we'll be doing, so it won't return a bridge
471 * that can't answer our question.
473 const node_t
*node
= guards_choose_dirguard(dir_purpose
, &guard_state
);
474 if (node
&& node
->ri
) {
475 /* every bridge has a routerinfo. */
476 routerinfo_t
*ri
= node
->ri
;
477 /* clients always make OR connections to bridges */
478 tor_addr_port_t or_ap
;
479 directory_request_t
*req
= directory_request_new(dir_purpose
);
480 /* we are willing to use a non-preferred address if we need to */
481 fascist_firewall_choose_address_node(node
, FIREWALL_OR_CONNECTION
, 0,
483 directory_request_set_or_addr_port(req
, &or_ap
);
484 directory_request_set_directory_id_digest(req
,
485 ri
->cache_info
.identity_digest
);
486 directory_request_set_router_purpose(req
, router_purpose
);
487 directory_request_set_resource(req
, resource
);
488 if (dir_purpose
== DIR_PURPOSE_FETCH_CONSENSUS
)
489 dir_consensus_request_set_additional_headers(req
, resource
);
490 directory_request_set_guard_state(req
, guard_state
);
491 directory_initiate_request(req
);
492 directory_request_free(req
);
495 entry_guard_cancel(&guard_state
);
497 log_notice(LD_DIR
, "Ignoring directory request, since no bridge "
498 "nodes are available yet.");
503 if (prefer_authority
|| (type
& BRIDGE_DIRINFO
)) {
504 /* only ask authdirservers, and don't ask myself */
505 rs
= router_pick_trusteddirserver(type
, pds_flags
);
506 if (rs
== NULL
&& (pds_flags
& (PDS_NO_EXISTING_SERVERDESC_FETCH
|
507 PDS_NO_EXISTING_MICRODESC_FETCH
))) {
508 /* We don't want to fetch from any authorities that we're currently
509 * fetching server descriptors from, and we got no match. Did we
510 * get no match because all the authorities have connections
511 * fetching server descriptors (in which case we should just
512 * return,) or because all the authorities are down or on fire or
513 * unreachable or something (in which case we should go on with
514 * our fallback code)? */
515 pds_flags
&= ~(PDS_NO_EXISTING_SERVERDESC_FETCH
|
516 PDS_NO_EXISTING_MICRODESC_FETCH
);
517 rs
= router_pick_trusteddirserver(type
, pds_flags
);
519 log_debug(LD_DIR
, "Deferring serverdesc fetch: all authorities "
524 if (rs
== NULL
&& require_authority
) {
525 log_info(LD_DIR
, "No authorities were available for %s: will try "
526 "later.", dir_conn_purpose_to_string(dir_purpose
));
530 if (!rs
&& !(type
& BRIDGE_DIRINFO
)) {
531 rs
= directory_pick_generic_dirserver(type
, pds_flags
,
535 get_via_tor
= 1; /* last resort: try routing it via Tor */
541 /* Never use fascistfirewall; we're going via Tor. */
542 pds_flags
|= PDS_IGNORE_FASCISTFIREWALL
;
543 rs
= router_pick_directory_server(type
, pds_flags
);
546 /* If we have any hope of building an indirect conn, we know some router
547 * descriptors. If (rs==NULL), we can't build circuits anyway, so
548 * there's no point in falling back to the authorities in this case. */
550 const dir_indirection_t indirection
=
551 get_via_tor
? DIRIND_ANONYMOUS
: DIRIND_ONEHOP
;
552 directory_request_t
*req
= directory_request_new(dir_purpose
);
553 directory_request_set_routerstatus(req
, rs
);
554 directory_request_set_router_purpose(req
, router_purpose
);
555 directory_request_set_indirection(req
, indirection
);
556 directory_request_set_resource(req
, resource
);
557 if (dir_purpose
== DIR_PURPOSE_FETCH_CONSENSUS
)
558 dir_consensus_request_set_additional_headers(req
, resource
);
560 directory_request_set_guard_state(req
, guard_state
);
561 directory_initiate_request(req
);
562 directory_request_free(req
);
565 "While fetching directory info, "
566 "no running dirservers known. Will try again later. "
567 "(purpose %d)", dir_purpose
);
568 if (!purpose_needs_anonymity(dir_purpose
, router_purpose
, resource
)) {
569 /* remember we tried them all and failed. */
570 directory_all_unreachable(time(NULL
));
575 /** As directory_get_from_dirserver, but initiates a request to <i>every</i>
576 * directory authority other than ourself. Only for use by authorities when
577 * searching for missing information while voting. */
579 directory_get_from_all_authorities(uint8_t dir_purpose
,
580 uint8_t router_purpose
,
581 const char *resource
)
583 tor_assert(dir_purpose
== DIR_PURPOSE_FETCH_STATUS_VOTE
||
584 dir_purpose
== DIR_PURPOSE_FETCH_DETACHED_SIGNATURES
);
586 SMARTLIST_FOREACH_BEGIN(router_get_trusted_dir_servers(),
587 dir_server_t
*, ds
) {
588 if (router_digest_is_me(ds
->digest
))
590 if (!(ds
->type
& V3_DIRINFO
))
592 const routerstatus_t
*rs
= &ds
->fake_status
;
593 directory_request_t
*req
= directory_request_new(dir_purpose
);
594 directory_request_set_routerstatus(req
, rs
);
595 directory_request_set_router_purpose(req
, router_purpose
);
596 directory_request_set_resource(req
, resource
);
597 directory_initiate_request(req
);
598 directory_request_free(req
);
599 } SMARTLIST_FOREACH_END(ds
);
602 /** Return true iff <b>ind</b> requires a multihop circuit. */
604 dirind_is_anon(dir_indirection_t ind
)
606 return ind
== DIRIND_ANON_DIRPORT
|| ind
== DIRIND_ANONYMOUS
;
609 /* Choose reachable OR and Dir addresses and ports from status, copying them
610 * into use_or_ap and use_dir_ap. If indirection is anonymous, then we're
611 * connecting via another relay, so choose the primary IPv4 address and ports.
613 * status should have at least one reachable address, if we can't choose a
614 * reachable address, warn and return -1. Otherwise, return 0.
617 directory_choose_address_routerstatus(const routerstatus_t
*status
,
618 dir_indirection_t indirection
,
619 tor_addr_port_t
*use_or_ap
,
620 tor_addr_port_t
*use_dir_ap
)
622 tor_assert(status
!= NULL
);
623 tor_assert(use_or_ap
!= NULL
);
624 tor_assert(use_dir_ap
!= NULL
);
626 const or_options_t
*options
= get_options();
627 int have_or
= 0, have_dir
= 0;
629 /* We expect status to have at least one reachable address if we're
630 * connecting to it directly.
632 * Therefore, we can simply use the other address if the one we want isn't
633 * allowed by the firewall.
635 * (When Tor uploads and downloads a hidden service descriptor, it uses
636 * DIRIND_ANONYMOUS. Even Single Onion Servers (NYI) use DIRIND_ANONYMOUS,
637 * to avoid HSDirs denying service by rejecting descriptors.)
640 /* Initialise the OR / Dir addresses */
641 tor_addr_make_null(&use_or_ap
->addr
, AF_UNSPEC
);
643 tor_addr_make_null(&use_dir_ap
->addr
, AF_UNSPEC
);
644 use_dir_ap
->port
= 0;
646 /* ORPort connections */
647 if (indirection
== DIRIND_ANONYMOUS
) {
649 /* Since we're going to build a 3-hop circuit and ask the 2nd relay
650 * to extend to this address, always use the primary (IPv4) OR address */
651 tor_addr_from_ipv4h(&use_or_ap
->addr
, status
->addr
);
652 use_or_ap
->port
= status
->or_port
;
655 } else if (indirection
== DIRIND_ONEHOP
) {
656 /* We use an IPv6 address if we have one and we prefer it.
657 * Use the preferred address and port if they are reachable, otherwise,
658 * use the alternate address and port (if any).
660 fascist_firewall_choose_address_rs(status
, FIREWALL_OR_CONNECTION
, 0,
662 have_or
= tor_addr_port_is_valid_ap(use_or_ap
, 0);
665 /* DirPort connections
666 * DIRIND_ONEHOP uses ORPort, but may fall back to the DirPort on relays */
667 if (indirection
== DIRIND_DIRECT_CONN
||
668 indirection
== DIRIND_ANON_DIRPORT
||
669 (indirection
== DIRIND_ONEHOP
670 && !directory_must_use_begindir(options
))) {
671 fascist_firewall_choose_address_rs(status
, FIREWALL_DIR_CONNECTION
, 0,
673 have_dir
= tor_addr_port_is_valid_ap(use_dir_ap
, 0);
676 /* We rejected all addresses in the relay's status. This means we can't
678 if (!have_or
&& !have_dir
) {
679 static int logged_backtrace
= 0;
680 log_info(LD_BUG
, "Rejected all OR and Dir addresses from %s when "
681 "launching an outgoing directory connection to: IPv4 %s OR %d "
682 "Dir %d IPv6 %s OR %d Dir %d", routerstatus_describe(status
),
683 fmt_addr32(status
->addr
), status
->or_port
,
684 status
->dir_port
, fmt_addr(&status
->ipv6_addr
),
685 status
->ipv6_orport
, status
->dir_port
);
686 if (!logged_backtrace
) {
687 log_backtrace(LOG_INFO
, LD_BUG
, "Addresses came from");
688 logged_backtrace
= 1;
696 /** Return true iff <b>conn</b> is the client side of a directory connection
697 * we launched to ourself in order to determine the reachability of our
700 directory_conn_is_self_reachability_test(dir_connection_t
*conn
)
702 if (conn
->requested_resource
&&
703 !strcmpstart(conn
->requested_resource
,"authority")) {
704 const routerinfo_t
*me
= router_get_my_routerinfo();
706 router_digest_is_me(conn
->identity_digest
) &&
707 tor_addr_eq_ipv4h(&conn
->base_
.addr
, me
->addr
) && /*XXXX prop 118*/
708 me
->dir_port
== conn
->base_
.port
)
714 /** Called when we are unable to complete the client's request to a directory
715 * server due to a network error: Mark the router as down and try again if
719 connection_dir_client_request_failed(dir_connection_t
*conn
)
721 if (conn
->guard_state
) {
722 /* We haven't seen a success on this guard state, so consider it to have
724 entry_guard_failed(&conn
->guard_state
);
726 if (directory_conn_is_self_reachability_test(conn
)) {
727 return; /* this was a test fetch. don't retry. */
729 if (!entry_list_is_constrained(get_options()))
730 router_set_status(conn
->identity_digest
, 0); /* don't try this one again */
731 if (conn
->base_
.purpose
== DIR_PURPOSE_FETCH_SERVERDESC
||
732 conn
->base_
.purpose
== DIR_PURPOSE_FETCH_EXTRAINFO
) {
733 log_info(LD_DIR
, "Giving up on serverdesc/extrainfo fetch from "
734 "directory server at '%s'; retrying",
735 conn
->base_
.address
);
736 if (conn
->router_purpose
== ROUTER_PURPOSE_BRIDGE
)
737 connection_dir_bridge_routerdesc_failed(conn
);
738 connection_dir_download_routerdesc_failed(conn
);
739 } else if (conn
->base_
.purpose
== DIR_PURPOSE_FETCH_CONSENSUS
) {
740 if (conn
->requested_resource
)
741 networkstatus_consensus_download_failed(0, conn
->requested_resource
);
742 } else if (conn
->base_
.purpose
== DIR_PURPOSE_FETCH_CERTIFICATE
) {
743 log_info(LD_DIR
, "Giving up on certificate fetch from directory server "
745 conn
->base_
.address
);
746 connection_dir_download_cert_failed(conn
, 0);
747 } else if (conn
->base_
.purpose
== DIR_PURPOSE_FETCH_DETACHED_SIGNATURES
) {
748 log_info(LD_DIR
, "Giving up downloading detached signatures from '%s'",
749 conn
->base_
.address
);
750 } else if (conn
->base_
.purpose
== DIR_PURPOSE_FETCH_STATUS_VOTE
) {
751 log_info(LD_DIR
, "Giving up downloading votes from '%s'",
752 conn
->base_
.address
);
753 } else if (conn
->base_
.purpose
== DIR_PURPOSE_FETCH_MICRODESC
) {
754 log_info(LD_DIR
, "Giving up on downloading microdescriptors from "
755 "directory server at '%s'; will retry", conn
->base_
.address
);
756 connection_dir_download_routerdesc_failed(conn
);
760 /** Helper: Attempt to fetch directly the descriptors of each bridge
761 * listed in <b>failed</b>.
764 connection_dir_retry_bridges(smartlist_t
*descs
)
766 char digest
[DIGEST_LEN
];
767 SMARTLIST_FOREACH(descs
, const char *, cp
,
769 if (base16_decode(digest
, DIGEST_LEN
, cp
, strlen(cp
)) != DIGEST_LEN
) {
770 log_warn(LD_BUG
, "Malformed fingerprint in list: %s",
774 retry_bridge_descriptor_fetch_directly(digest
);
778 /** Called when an attempt to download one or more router descriptors
779 * or extra-info documents on connection <b>conn</b> failed.
782 connection_dir_download_routerdesc_failed(dir_connection_t
*conn
)
784 /* No need to increment the failure count for routerdescs, since
785 * it's not their fault. */
787 /* No need to relaunch descriptor downloads here: we already do it
788 * every 10 or 60 seconds (FOO_DESCRIPTOR_RETRY_INTERVAL) in main.c. */
789 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_FETCH_SERVERDESC
||
790 conn
->base_
.purpose
== DIR_PURPOSE_FETCH_EXTRAINFO
||
791 conn
->base_
.purpose
== DIR_PURPOSE_FETCH_MICRODESC
);
796 /** Called when an attempt to download a bridge's routerdesc from
797 * one of the authorities failed due to a network error. If
798 * possible attempt to download descriptors from the bridge directly.
801 connection_dir_bridge_routerdesc_failed(dir_connection_t
*conn
)
803 smartlist_t
*which
= NULL
;
805 /* Requests for bridge descriptors are in the form 'fp/', so ignore
807 if (!conn
->requested_resource
|| strcmpstart(conn
->requested_resource
,"fp/"))
810 which
= smartlist_new();
811 dir_split_resource_into_fingerprints(conn
->requested_resource
815 tor_assert(conn
->base_
.purpose
!= DIR_PURPOSE_FETCH_EXTRAINFO
);
816 if (smartlist_len(which
)) {
817 connection_dir_retry_bridges(which
);
818 SMARTLIST_FOREACH(which
, char *, cp
, tor_free(cp
));
820 smartlist_free(which
);
823 /** Called when an attempt to fetch a certificate fails. */
825 connection_dir_download_cert_failed(dir_connection_t
*conn
, int status
)
827 const char *fp_pfx
= "fp/";
828 const char *fpsk_pfx
= "fp-sk/";
830 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_FETCH_CERTIFICATE
);
832 if (!conn
->requested_resource
)
834 failed
= smartlist_new();
836 * We have two cases download by fingerprint (resource starts
837 * with "fp/") or download by fingerprint/signing key pair
838 * (resource starts with "fp-sk/").
840 if (!strcmpstart(conn
->requested_resource
, fp_pfx
)) {
841 /* Download by fingerprint case */
842 dir_split_resource_into_fingerprints(conn
->requested_resource
+
844 failed
, NULL
, DSR_HEX
);
845 SMARTLIST_FOREACH_BEGIN(failed
, char *, cp
) {
846 /* Null signing key digest indicates download by fp only */
847 authority_cert_dl_failed(cp
, NULL
, status
);
849 } SMARTLIST_FOREACH_END(cp
);
850 } else if (!strcmpstart(conn
->requested_resource
, fpsk_pfx
)) {
851 /* Download by (fp,sk) pairs */
852 dir_split_resource_into_fingerprint_pairs(conn
->requested_resource
+
853 strlen(fpsk_pfx
), failed
);
854 SMARTLIST_FOREACH_BEGIN(failed
, fp_pair_t
*, cp
) {
855 authority_cert_dl_failed(cp
->first
, cp
->second
, status
);
857 } SMARTLIST_FOREACH_END(cp
);
860 "Don't know what to do with failure for cert fetch %s",
861 conn
->requested_resource
);
864 smartlist_free(failed
);
866 update_certificate_downloads(time(NULL
));
869 /* Should this tor instance only use begindir for all its directory requests?
872 directory_must_use_begindir(const or_options_t
*options
)
874 /* Clients, onion services, and bridges must use begindir,
875 * relays and authorities do not have to */
876 return !public_server_mode(options
);
879 /** Evaluate the situation and decide if we should use an encrypted
880 * "begindir-style" connection for this directory request.
881 * 0) If there is no DirPort, yes.
882 * 1) If or_port is 0, or it's a direct conn and or_port is firewalled
883 * or we're a dir mirror, no.
884 * 2) If we prefer to avoid begindir conns, and we're not fetching or
885 * publishing a bridge relay descriptor, no.
887 * If returning 0, return in *reason why we can't use begindir.
888 * reason must not be NULL.
891 directory_command_should_use_begindir(const or_options_t
*options
,
892 const directory_request_t
*req
,
895 const tor_addr_t
*or_addr
= &req
->or_addr_port
.addr
;
896 //const tor_addr_t *dir_addr = &req->dir_addr_port.addr;
897 const int or_port
= req
->or_addr_port
.port
;
898 const int dir_port
= req
->dir_addr_port
.port
;
900 const dir_indirection_t indirection
= req
->indirection
;
905 /* Reasons why we must use begindir */
907 *reason
= "(using begindir - directory with no DirPort)";
908 return 1; /* We don't know a DirPort -- must begindir. */
910 /* Reasons why we can't possibly use begindir */
912 *reason
= "directory with unknown ORPort";
913 return 0; /* We don't know an ORPort -- no chance. */
915 if (indirection
== DIRIND_DIRECT_CONN
||
916 indirection
== DIRIND_ANON_DIRPORT
) {
917 *reason
= "DirPort connection";
920 if (indirection
== DIRIND_ONEHOP
) {
921 /* We're firewalled and want a direct OR connection */
922 if (!fascist_firewall_allows_address_addr(or_addr
, or_port
,
923 FIREWALL_OR_CONNECTION
, 0, 0)) {
924 *reason
= "ORPort not reachable";
928 /* Reasons why we want to avoid using begindir */
929 if (indirection
== DIRIND_ONEHOP
) {
930 if (!directory_must_use_begindir(options
)) {
931 *reason
= "in relay mode";
935 /* DIRIND_ONEHOP on a client, or DIRIND_ANONYMOUS
937 *reason
= "(using begindir)";
942 * Create and return a new directory_request_t with purpose
943 * <b>dir_purpose</b>.
945 directory_request_t
*
946 directory_request_new(uint8_t dir_purpose
)
948 tor_assert(dir_purpose
>= DIR_PURPOSE_MIN_
);
949 tor_assert(dir_purpose
<= DIR_PURPOSE_MAX_
);
950 tor_assert(dir_purpose
!= DIR_PURPOSE_SERVER
);
951 tor_assert(dir_purpose
!= DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2
);
952 tor_assert(dir_purpose
!= DIR_PURPOSE_HAS_FETCHED_HSDESC
);
954 directory_request_t
*result
= tor_malloc_zero(sizeof(*result
));
955 tor_addr_make_null(&result
->or_addr_port
.addr
, AF_INET
);
956 result
->or_addr_port
.port
= 0;
957 tor_addr_make_null(&result
->dir_addr_port
.addr
, AF_INET
);
958 result
->dir_addr_port
.port
= 0;
959 result
->dir_purpose
= dir_purpose
;
960 result
->router_purpose
= ROUTER_PURPOSE_GENERAL
;
961 result
->indirection
= DIRIND_ONEHOP
;
965 * Release all resources held by <b>req</b>.
968 directory_request_free_(directory_request_t
*req
)
972 config_free_lines(req
->additional_headers
);
976 * Set the address and OR port to use for this directory request. If there is
977 * no OR port, we'll have to connect over the dirport. (If there are both,
978 * the indirection setting determines which to use.)
981 directory_request_set_or_addr_port(directory_request_t
*req
,
982 const tor_addr_port_t
*p
)
984 memcpy(&req
->or_addr_port
, p
, sizeof(*p
));
987 * Set the address and dirport to use for this directory request. If there
988 * is no dirport, we'll have to connect over the OR port. (If there are both,
989 * the indirection setting determines which to use.)
992 directory_request_set_dir_addr_port(directory_request_t
*req
,
993 const tor_addr_port_t
*p
)
995 memcpy(&req
->dir_addr_port
, p
, sizeof(*p
));
998 * Set the RSA identity digest of the directory to use for this directory
1002 directory_request_set_directory_id_digest(directory_request_t
*req
,
1005 memcpy(req
->digest
, digest
, DIGEST_LEN
);
1008 * Set the router purpose associated with uploaded and downloaded router
1009 * descriptors and extrainfo documents in this directory request. The purpose
1010 * must be one of ROUTER_PURPOSE_GENERAL (the default) or
1011 * ROUTER_PURPOSE_BRIDGE.
1014 directory_request_set_router_purpose(directory_request_t
*req
,
1015 uint8_t router_purpose
)
1017 tor_assert(router_purpose
== ROUTER_PURPOSE_GENERAL
||
1018 router_purpose
== ROUTER_PURPOSE_BRIDGE
);
1019 // assert that it actually makes sense to set this purpose, given
1021 req
->router_purpose
= router_purpose
;
1024 * Set the indirection to be used for the directory request. The indirection
1025 * parameter configures whether to connect to a DirPort or ORPort, and whether
1026 * to anonymize the connection. DIRIND_ONEHOP (use ORPort, don't anonymize)
1027 * is the default. See dir_indirection_t for more information.
1030 directory_request_set_indirection(directory_request_t
*req
,
1031 dir_indirection_t indirection
)
1033 req
->indirection
= indirection
;
1037 * Set a pointer to the resource to request from a directory. Different
1038 * request types use resources to indicate different components of their URL.
1039 * Note that only an alias to <b>resource</b> is stored, so the
1040 * <b>resource</b> must outlive the request.
1043 directory_request_set_resource(directory_request_t
*req
,
1044 const char *resource
)
1046 req
->resource
= resource
;
1049 * Set a pointer to the payload to include with this directory request, along
1050 * with its length. Note that only an alias to <b>payload</b> is stored, so
1051 * the <b>payload</b> must outlive the request.
1054 directory_request_set_payload(directory_request_t
*req
,
1055 const char *payload
,
1058 tor_assert(DIR_PURPOSE_IS_UPLOAD(req
->dir_purpose
));
1060 req
->payload
= payload
;
1061 req
->payload_len
= payload_len
;
1064 * Set an if-modified-since date to send along with the request. The
1065 * default is 0 (meaning, send no if-modified-since header).
1068 directory_request_set_if_modified_since(directory_request_t
*req
,
1069 time_t if_modified_since
)
1071 req
->if_modified_since
= if_modified_since
;
1074 /** Include a header of name <b>key</b> with content <b>val</b> in the
1075 * request. Neither may include newlines or other odd characters. Their
1076 * ordering is not currently guaranteed.
1078 * Note that, as elsewhere in this module, header keys include a trailing
1082 directory_request_add_header(directory_request_t
*req
,
1086 config_line_prepend(&req
->additional_headers
, key
, val
);
1089 * Set an object containing HS data to be associated with this request. Note
1090 * that only an alias to <b>query</b> is stored, so the <b>query</b> object
1091 * must outlive the request.
1094 directory_request_set_rend_query(directory_request_t
*req
,
1095 const rend_data_t
*query
)
1098 tor_assert(req
->dir_purpose
== DIR_PURPOSE_FETCH_RENDDESC_V2
||
1099 req
->dir_purpose
== DIR_PURPOSE_UPLOAD_RENDDESC_V2
);
1101 req
->rend_query
= query
;
1104 * Set an object containing HS connection identifier to be associated with
1105 * this request. Note that only an alias to <b>ident</b> is stored, so the
1106 * <b>ident</b> object must outlive the request.
1109 directory_request_upload_set_hs_ident(directory_request_t
*req
,
1110 const hs_ident_dir_conn_t
*ident
)
1113 tor_assert(req
->dir_purpose
== DIR_PURPOSE_UPLOAD_HSDESC
);
1115 req
->hs_ident
= ident
;
1118 * Set an object containing HS connection identifier to be associated with
1119 * this fetch request. Note that only an alias to <b>ident</b> is stored, so
1120 * the <b>ident</b> object must outlive the request.
1123 directory_request_fetch_set_hs_ident(directory_request_t
*req
,
1124 const hs_ident_dir_conn_t
*ident
)
1127 tor_assert(req
->dir_purpose
== DIR_PURPOSE_FETCH_HSDESC
);
1129 req
->hs_ident
= ident
;
1131 /** Set a static circuit_guard_state_t object to affliate with the request in
1132 * <b>req</b>. This object will receive notification when the attempt to
1133 * connect to the guard either succeeds or fails. */
1135 directory_request_set_guard_state(directory_request_t
*req
,
1136 circuit_guard_state_t
*state
)
1138 req
->guard_state
= state
;
1142 * Internal: Return true if any information for contacting the directory in
1143 * <b>req</b> has been set, other than by the routerstatus. */
1145 directory_request_dir_contact_info_specified(const directory_request_t
*req
)
1147 /* We only check for ports here, since we don't use an addr unless the port
1149 return (req
->or_addr_port
.port
||
1150 req
->dir_addr_port
.port
||
1151 ! tor_digest_is_zero(req
->digest
));
1155 * Set the routerstatus to use for the directory associated with this
1156 * request. If this option is set, then no other function to set the
1157 * directory's address or identity should be called.
1160 directory_request_set_routerstatus(directory_request_t
*req
,
1161 const routerstatus_t
*status
)
1163 req
->routerstatus
= status
;
1166 * Helper: update the addresses, ports, and identities in <b>req</b>
1167 * from the routerstatus object in <b>req</b>. Return 0 on success.
1168 * On failure, warn and return -1.
1171 directory_request_set_dir_from_routerstatus(directory_request_t
*req
)
1174 const routerstatus_t
*status
= req
->routerstatus
;
1175 if (BUG(status
== NULL
))
1177 const or_options_t
*options
= get_options();
1179 tor_addr_port_t use_or_ap
, use_dir_ap
;
1180 const int anonymized_connection
= dirind_is_anon(req
->indirection
);
1182 tor_assert(status
!= NULL
);
1184 node
= node_get_by_id(status
->identity_digest
);
1186 /* XXX The below check is wrong: !node means it's not in the consensus,
1187 * but we haven't checked if we have a descriptor for it -- and also,
1188 * we only care about the descriptor if it's a begindir-style anonymized
1190 if (!node
&& anonymized_connection
) {
1191 log_info(LD_DIR
, "Not sending anonymized request to directory '%s'; we "
1192 "don't have its router descriptor.",
1193 routerstatus_describe(status
));
1197 if (options
->ExcludeNodes
&& options
->StrictNodes
&&
1198 routerset_contains_routerstatus(options
->ExcludeNodes
, status
, -1)) {
1199 log_warn(LD_DIR
, "Wanted to contact directory mirror %s for %s, but "
1200 "it's in our ExcludedNodes list and StrictNodes is set. "
1201 "Skipping. This choice might make your Tor not work.",
1202 routerstatus_describe(status
),
1203 dir_conn_purpose_to_string(req
->dir_purpose
));
1207 /* At this point, if we are a client making a direct connection to a
1208 * directory server, we have selected a server that has at least one address
1209 * allowed by ClientUseIPv4/6 and Reachable{"",OR,Dir}Addresses. This
1210 * selection uses the preference in ClientPreferIPv6{OR,Dir}Port, if
1211 * possible. (If UseBridges is set, clients always use IPv6, and prefer it
1214 * Now choose an address that we can use to connect to the directory server.
1216 if (directory_choose_address_routerstatus(status
,
1217 req
->indirection
, &use_or_ap
,
1222 directory_request_set_or_addr_port(req
, &use_or_ap
);
1223 directory_request_set_dir_addr_port(req
, &use_dir_ap
);
1224 directory_request_set_directory_id_digest(req
, status
->identity_digest
);
1229 * Launch the provided directory request, configured in <b>request</b>.
1230 * After this function is called, you can free <b>request</b>.
1233 directory_initiate_request
,(directory_request_t
*request
))
1235 tor_assert(request
);
1236 if (request
->routerstatus
) {
1237 tor_assert_nonfatal(
1238 ! directory_request_dir_contact_info_specified(request
));
1239 if (directory_request_set_dir_from_routerstatus(request
) < 0) {
1244 const tor_addr_port_t
*or_addr_port
= &request
->or_addr_port
;
1245 const tor_addr_port_t
*dir_addr_port
= &request
->dir_addr_port
;
1246 const char *digest
= request
->digest
;
1247 const uint8_t dir_purpose
= request
->dir_purpose
;
1248 const uint8_t router_purpose
= request
->router_purpose
;
1249 const dir_indirection_t indirection
= request
->indirection
;
1250 const char *resource
= request
->resource
;
1251 const rend_data_t
*rend_query
= request
->rend_query
;
1252 const hs_ident_dir_conn_t
*hs_ident
= request
->hs_ident
;
1253 circuit_guard_state_t
*guard_state
= request
->guard_state
;
1255 tor_assert(or_addr_port
->port
|| dir_addr_port
->port
);
1258 dir_connection_t
*conn
;
1259 const or_options_t
*options
= get_options();
1260 int socket_error
= 0;
1261 const char *begindir_reason
= NULL
;
1262 /* Should the connection be to a relay's OR port (and inside that we will
1263 * send our directory request)? */
1264 const int use_begindir
=
1265 directory_command_should_use_begindir(options
, request
, &begindir_reason
);
1267 /* Will the connection go via a three-hop Tor circuit? Note that this
1268 * is separate from whether it will use_begindir. */
1269 const int anonymized_connection
= dirind_is_anon(indirection
);
1271 /* What is the address we want to make the directory request to? If
1272 * we're making a begindir request this is the ORPort of the relay
1273 * we're contacting; if not a begindir request, this is its DirPort.
1274 * Note that if anonymized_connection is true, we won't be initiating
1275 * a connection directly to this address. */
1277 tor_addr_copy(&addr
, &(use_begindir
? or_addr_port
: dir_addr_port
)->addr
);
1278 uint16_t port
= (use_begindir
? or_addr_port
: dir_addr_port
)->port
;
1280 log_debug(LD_DIR
, "anonymized %d, use_begindir %d.",
1281 anonymized_connection
, use_begindir
);
1283 log_debug(LD_DIR
, "Initiating %s", dir_conn_purpose_to_string(dir_purpose
));
1285 if (purpose_needs_anonymity(dir_purpose
, router_purpose
, resource
)) {
1286 tor_assert(anonymized_connection
||
1287 rend_non_anonymous_mode_enabled(options
));
1290 /* use encrypted begindir connections for everything except relays
1291 * this provides better protection for directory fetches */
1292 if (!use_begindir
&& directory_must_use_begindir(options
)) {
1293 log_warn(LD_BUG
, "Client could not use begindir connection: %s",
1294 begindir_reason
? begindir_reason
: "(NULL)");
1298 /* ensure that we don't make direct connections when a SOCKS server is
1300 if (!anonymized_connection
&& !use_begindir
&& !options
->HTTPProxy
&&
1301 (options
->Socks4Proxy
|| options
->Socks5Proxy
)) {
1302 log_warn(LD_DIR
, "Cannot connect to a directory server through a "
1307 /* Make sure that the destination addr and port we picked is viable. */
1308 if (!port
|| tor_addr_is_null(&addr
)) {
1309 static int logged_backtrace
= 0;
1311 "Cannot make an outgoing %sconnection without a remote %sPort.",
1312 use_begindir
? "begindir " : "",
1313 use_begindir
? "OR" : "Dir");
1314 if (!logged_backtrace
) {
1315 log_backtrace(LOG_INFO
, LD_BUG
, "Address came from");
1316 logged_backtrace
= 1;
1321 conn
= dir_connection_new(tor_addr_family(&addr
));
1323 /* set up conn so it's got all the data we need to remember */
1324 tor_addr_copy(&conn
->base_
.addr
, &addr
);
1325 conn
->base_
.port
= port
;
1326 conn
->base_
.address
= tor_addr_to_str_dup(&addr
);
1327 memcpy(conn
->identity_digest
, digest
, DIGEST_LEN
);
1329 conn
->base_
.purpose
= dir_purpose
;
1330 conn
->router_purpose
= router_purpose
;
1332 /* give it an initial state */
1333 conn
->base_
.state
= DIR_CONN_STATE_CONNECTING
;
1335 /* decide whether we can learn our IP address from this conn */
1336 /* XXXX This is a bad name for this field now. */
1337 conn
->dirconn_direct
= !anonymized_connection
;
1339 /* copy rendezvous data, if any */
1341 /* We can't have both v2 and v3+ identifier. */
1342 tor_assert_nonfatal(!hs_ident
);
1343 conn
->rend_data
= rend_data_dup(rend_query
);
1346 /* We can't have both v2 and v3+ identifier. */
1347 tor_assert_nonfatal(!rend_query
);
1348 conn
->hs_ident
= hs_ident_dir_conn_dup(hs_ident
);
1351 if (!anonymized_connection
&& !use_begindir
) {
1352 /* then we want to connect to dirport directly */
1354 if (options
->HTTPProxy
) {
1355 tor_addr_copy(&addr
, &options
->HTTPProxyAddr
);
1356 port
= options
->HTTPProxyPort
;
1359 // In this case we should not have picked a directory guard.
1360 if (BUG(guard_state
)) {
1361 entry_guard_cancel(&guard_state
);
1364 switch (connection_connect(TO_CONN(conn
), conn
->base_
.address
, &addr
,
1365 port
, &socket_error
)) {
1367 connection_mark_for_close(TO_CONN(conn
));
1370 /* start flushing conn */
1371 conn
->base_
.state
= DIR_CONN_STATE_CLIENT_SENDING
;
1374 /* queue the command on the outbuf */
1375 directory_send_command(conn
, 1, request
);
1376 connection_watch_events(TO_CONN(conn
), READ_EVENT
| WRITE_EVENT
);
1377 /* writable indicates finish, readable indicates broken link,
1378 error indicates broken link in windowsland. */
1381 /* We will use a Tor circuit (maybe 1-hop, maybe 3-hop, maybe with
1382 * begindir, maybe not with begindir) */
1384 entry_connection_t
*linked_conn
;
1386 /* Anonymized tunneled connections can never share a circuit.
1387 * One-hop directory connections can share circuits with each other
1388 * but nothing else. */
1389 int iso_flags
= anonymized_connection
? ISO_STREAM
: ISO_SESSIONGRP
;
1391 /* If it's an anonymized connection, remember the fact that we
1392 * wanted it for later: maybe we'll want it again soon. */
1393 if (anonymized_connection
&& use_begindir
)
1394 rep_hist_note_used_internal(time(NULL
), 0, 1);
1395 else if (anonymized_connection
&& !use_begindir
)
1396 rep_hist_note_used_port(time(NULL
), conn
->base_
.port
);
1398 // In this case we should not have a directory guard; we'll
1399 // get a regular guard later when we build the circuit.
1400 if (BUG(anonymized_connection
&& guard_state
)) {
1401 entry_guard_cancel(&guard_state
);
1404 conn
->guard_state
= guard_state
;
1406 /* make an AP connection
1407 * populate it and add it at the right state
1408 * hook up both sides
1411 connection_ap_make_link(TO_CONN(conn
),
1412 conn
->base_
.address
, conn
->base_
.port
,
1414 SESSION_GROUP_DIRCONN
, iso_flags
,
1415 use_begindir
, !anonymized_connection
);
1417 log_warn(LD_NET
,"Making tunnel to dirserver failed.");
1418 connection_mark_for_close(TO_CONN(conn
));
1422 if (connection_add(TO_CONN(conn
)) < 0) {
1423 log_warn(LD_NET
,"Unable to add connection for link to dirserver.");
1424 connection_mark_for_close(TO_CONN(conn
));
1427 conn
->base_
.state
= DIR_CONN_STATE_CLIENT_SENDING
;
1428 /* queue the command on the outbuf */
1429 directory_send_command(conn
, 0, request
);
1431 connection_watch_events(TO_CONN(conn
), READ_EVENT
|WRITE_EVENT
);
1432 connection_start_reading(ENTRY_TO_CONN(linked_conn
));
1436 /** Helper for sorting
1438 * sort strings alphabetically
1440 * XXXX we have a smartlist_sort_strings() function, right?
1443 compare_strs_(const void **a
, const void **b
)
1445 const char *s1
= *a
, *s2
= *b
;
1446 return strcmp(s1
, s2
);
1449 #define CONDITIONAL_CONSENSUS_FPR_LEN 3
1450 #if (CONDITIONAL_CONSENSUS_FPR_LEN > DIGEST_LEN)
1451 #error "conditional consensus fingerprint length is larger than digest length"
1454 /** Return the URL we should use for a consensus download.
1456 * Use the "conditional consensus downloading" feature described in
1457 * dir-spec.txt, i.e.
1458 * GET .../consensus/<b>fpr</b>+<b>fpr</b>+<b>fpr</b>
1460 * If 'resource' is provided, it is the name of a consensus flavor to request.
1463 directory_get_consensus_url(const char *resource
)
1466 const char *hyphen
, *flavor
;
1467 if (resource
==NULL
|| strcmp(resource
, "ns")==0) {
1468 flavor
= ""; /* Request ns consensuses as "", so older servers will work*/
1476 char *authority_id_list
;
1477 smartlist_t
*authority_digests
= smartlist_new();
1479 SMARTLIST_FOREACH_BEGIN(router_get_trusted_dir_servers(),
1480 dir_server_t
*, ds
) {
1482 if (!(ds
->type
& V3_DIRINFO
))
1485 hex
= tor_malloc(2*CONDITIONAL_CONSENSUS_FPR_LEN
+1);
1486 base16_encode(hex
, 2*CONDITIONAL_CONSENSUS_FPR_LEN
+1,
1487 ds
->v3_identity_digest
, CONDITIONAL_CONSENSUS_FPR_LEN
);
1488 smartlist_add(authority_digests
, hex
);
1489 } SMARTLIST_FOREACH_END(ds
);
1490 smartlist_sort(authority_digests
, compare_strs_
);
1491 authority_id_list
= smartlist_join_strings(authority_digests
,
1494 tor_asprintf(&url
, "/tor/status-vote/current/consensus%s%s/%s.z",
1495 hyphen
, flavor
, authority_id_list
);
1497 SMARTLIST_FOREACH(authority_digests
, char *, cp
, tor_free(cp
));
1498 smartlist_free(authority_digests
);
1499 tor_free(authority_id_list
);
1505 * Copies the ipv6 from source to destination, subject to buffer size limit
1506 * size. If decorate is true, makes sure the copied address is decorated.
1509 copy_ipv6_address(char* destination
, const char* source
, size_t len
,
1511 tor_assert(destination
);
1514 if (decorate
&& source
[0] != '[') {
1515 tor_snprintf(destination
, len
, "[%s]", source
);
1517 strlcpy(destination
, source
, len
);
1521 /** Queue an appropriate HTTP command for <b>request</b> on
1522 * <b>conn</b>-\>outbuf. If <b>direct</b> is true, we're making a
1523 * non-anonymized connection to the dirport.
1526 directory_send_command(dir_connection_t
*conn
,
1528 const directory_request_t
*req
)
1531 const int purpose
= req
->dir_purpose
;
1532 const char *resource
= req
->resource
;
1533 const char *payload
= req
->payload
;
1534 const size_t payload_len
= req
->payload_len
;
1535 const time_t if_modified_since
= req
->if_modified_since
;
1536 const int anonymized_connection
= dirind_is_anon(req
->indirection
);
1538 char proxystring
[256];
1539 char hoststring
[128];
1540 /* NEEDS to be the same size hoststring.
1541 Will be decorated with brackets around it if it is ipv6. */
1542 char decorated_address
[128];
1543 smartlist_t
*headers
= smartlist_new();
1545 char *accept_encoding
;
1548 size_t request_len
, total_request_len
= 0;
1549 const char *httpcommand
= NULL
;
1552 tor_assert(conn
->base_
.type
== CONN_TYPE_DIR
);
1554 tor_free(conn
->requested_resource
);
1556 conn
->requested_resource
= tor_strdup(resource
);
1558 /* decorate the ip address if it is ipv6 */
1559 if (strchr(conn
->base_
.address
, ':')) {
1560 copy_ipv6_address(decorated_address
, conn
->base_
.address
,
1561 sizeof(decorated_address
), 1);
1563 strlcpy(decorated_address
, conn
->base_
.address
, sizeof(decorated_address
));
1566 /* come up with a string for which Host: we want */
1567 if (conn
->base_
.port
== 80) {
1568 strlcpy(hoststring
, decorated_address
, sizeof(hoststring
));
1570 tor_snprintf(hoststring
, sizeof(hoststring
), "%s:%d",
1571 decorated_address
, conn
->base_
.port
);
1574 /* Format if-modified-since */
1575 if (if_modified_since
) {
1576 char b
[RFC1123_TIME_LEN
+1];
1577 format_rfc1123_time(b
, if_modified_since
);
1578 smartlist_add_asprintf(headers
, "If-Modified-Since: %s\r\n", b
);
1581 /* come up with some proxy lines, if we're using one. */
1582 if (direct
&& get_options()->HTTPProxy
) {
1583 char *base64_authenticator
=NULL
;
1584 const char *authenticator
= get_options()->HTTPProxyAuthenticator
;
1586 tor_snprintf(proxystring
, sizeof(proxystring
),"http://%s", hoststring
);
1587 if (authenticator
) {
1588 base64_authenticator
= alloc_http_authenticator(authenticator
);
1589 if (!base64_authenticator
)
1590 log_warn(LD_BUG
, "Encoding http authenticator failed");
1592 if (base64_authenticator
) {
1593 smartlist_add_asprintf(headers
,
1594 "Proxy-Authorization: Basic %s\r\n",
1595 base64_authenticator
);
1596 tor_free(base64_authenticator
);
1602 if (! anonymized_connection
) {
1603 /* Add Accept-Encoding. */
1604 accept_encoding
= accept_encoding_header();
1605 smartlist_add_asprintf(headers
, "Accept-Encoding: %s\r\n",
1607 tor_free(accept_encoding
);
1610 /* Add additional headers, if any */
1613 for (h
= req
->additional_headers
; h
; h
= h
->next
) {
1614 smartlist_add_asprintf(headers
, "%s%s\r\n", h
->key
, h
->value
);
1619 case DIR_PURPOSE_FETCH_CONSENSUS
:
1620 /* resource is optional. If present, it's a flavor name */
1621 tor_assert(!payload
);
1622 httpcommand
= "GET";
1623 url
= directory_get_consensus_url(resource
);
1624 log_info(LD_DIR
, "Downloading consensus from %s using %s",
1627 case DIR_PURPOSE_FETCH_CERTIFICATE
:
1628 tor_assert(resource
);
1629 tor_assert(!payload
);
1630 httpcommand
= "GET";
1631 tor_asprintf(&url
, "/tor/keys/%s", resource
);
1633 case DIR_PURPOSE_FETCH_STATUS_VOTE
:
1634 tor_assert(resource
);
1635 tor_assert(!payload
);
1636 httpcommand
= "GET";
1637 tor_asprintf(&url
, "/tor/status-vote/next/%s.z", resource
);
1639 case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES
:
1640 tor_assert(!resource
);
1641 tor_assert(!payload
);
1642 httpcommand
= "GET";
1643 url
= tor_strdup("/tor/status-vote/next/consensus-signatures.z");
1645 case DIR_PURPOSE_FETCH_SERVERDESC
:
1646 tor_assert(resource
);
1647 httpcommand
= "GET";
1648 tor_asprintf(&url
, "/tor/server/%s", resource
);
1650 case DIR_PURPOSE_FETCH_EXTRAINFO
:
1651 tor_assert(resource
);
1652 httpcommand
= "GET";
1653 tor_asprintf(&url
, "/tor/extra/%s", resource
);
1655 case DIR_PURPOSE_FETCH_MICRODESC
:
1656 tor_assert(resource
);
1657 httpcommand
= "GET";
1658 tor_asprintf(&url
, "/tor/micro/%s", resource
);
1660 case DIR_PURPOSE_UPLOAD_DIR
: {
1661 const char *why
= router_get_descriptor_gen_reason();
1662 tor_assert(!resource
);
1663 tor_assert(payload
);
1664 httpcommand
= "POST";
1665 url
= tor_strdup("/tor/");
1667 why
= "for no reason at all";
1669 smartlist_add_asprintf(headers
, "X-Desc-Gen-Reason: %s\r\n", why
);
1672 case DIR_PURPOSE_UPLOAD_VOTE
:
1673 tor_assert(!resource
);
1674 tor_assert(payload
);
1675 httpcommand
= "POST";
1676 url
= tor_strdup("/tor/post/vote");
1678 case DIR_PURPOSE_UPLOAD_SIGNATURES
:
1679 tor_assert(!resource
);
1680 tor_assert(payload
);
1681 httpcommand
= "POST";
1682 url
= tor_strdup("/tor/post/consensus-signature");
1684 case DIR_PURPOSE_FETCH_RENDDESC_V2
:
1685 tor_assert(resource
);
1686 tor_assert(strlen(resource
) <= REND_DESC_ID_V2_LEN_BASE32
);
1687 tor_assert(!payload
);
1688 httpcommand
= "GET";
1689 tor_asprintf(&url
, "/tor/rendezvous2/%s", resource
);
1691 case DIR_PURPOSE_FETCH_HSDESC
:
1692 tor_assert(resource
);
1693 tor_assert(strlen(resource
) <= ED25519_BASE64_LEN
);
1694 tor_assert(!payload
);
1695 httpcommand
= "GET";
1696 tor_asprintf(&url
, "/tor/hs/3/%s", resource
);
1698 case DIR_PURPOSE_UPLOAD_RENDDESC_V2
:
1699 tor_assert(!resource
);
1700 tor_assert(payload
);
1701 httpcommand
= "POST";
1702 url
= tor_strdup("/tor/rendezvous2/publish");
1704 case DIR_PURPOSE_UPLOAD_HSDESC
:
1705 tor_assert(resource
);
1706 tor_assert(payload
);
1707 httpcommand
= "POST";
1708 tor_asprintf(&url
, "/tor/hs/%s/publish", resource
);
1715 /* warn in the non-tunneled case */
1716 if (direct
&& (strlen(proxystring
) + strlen(url
) >= 4096)) {
1718 "Squid does not like URLs longer than 4095 bytes, and this "
1719 "one is %d bytes long: %s%s",
1720 (int)(strlen(proxystring
) + strlen(url
)), proxystring
, url
);
1723 tor_snprintf(request
, sizeof(request
), "%s %s", httpcommand
, proxystring
);
1725 request_len
= strlen(request
);
1726 total_request_len
+= request_len
;
1727 connection_buf_add(request
, request_len
, TO_CONN(conn
));
1729 url_len
= strlen(url
);
1730 total_request_len
+= url_len
;
1731 connection_buf_add(url
, url_len
, TO_CONN(conn
));
1734 if (!strcmp(httpcommand
, "POST") || payload
) {
1735 smartlist_add_asprintf(headers
, "Content-Length: %lu\r\n",
1736 payload
? (unsigned long)payload_len
: 0);
1740 char *header
= smartlist_join_strings(headers
, "", 0, NULL
);
1741 tor_snprintf(request
, sizeof(request
), " HTTP/1.0\r\nHost: %s\r\n%s\r\n",
1742 hoststring
, header
);
1746 request_len
= strlen(request
);
1747 total_request_len
+= request_len
;
1748 connection_buf_add(request
, request_len
, TO_CONN(conn
));
1751 /* then send the payload afterwards too */
1752 connection_buf_add(payload
, payload_len
, TO_CONN(conn
));
1753 total_request_len
+= payload_len
;
1756 SMARTLIST_FOREACH(headers
, char *, h
, tor_free(h
));
1757 smartlist_free(headers
);
1760 "Sent request to directory server '%s:%d': "
1761 "(purpose: %d, request size: %"TOR_PRIuSZ
", "
1762 "payload size: %"TOR_PRIuSZ
")",
1763 conn
->base_
.address
, conn
->base_
.port
,
1764 conn
->base_
.purpose
,
1765 (total_request_len
),
1766 (payload
? payload_len
: 0));
1769 /** Return true iff <b>body</b> doesn't start with a plausible router or
1770 * network-status or microdescriptor opening. This is a sign of possible
1773 body_is_plausible(const char *body
, size_t len
, int purpose
)
1777 return 1; /* empty bodies don't need decompression */
1780 if (purpose
== DIR_PURPOSE_FETCH_MICRODESC
) {
1781 return (!strcmpstart(body
,"onion-key"));
1784 if (!strcmpstart(body
,"router") ||
1785 !strcmpstart(body
,"network-status"))
1787 for (i
=0;i
<32;++i
) {
1788 if (!TOR_ISPRINT(body
[i
]) && !TOR_ISSPACE(body
[i
]))
1795 /** Called when we've just fetched a bunch of router descriptors in
1796 * <b>body</b>. The list <b>which</b>, if present, holds digests for
1797 * descriptors we requested: descriptor digests if <b>descriptor_digests</b>
1798 * is true, or identity digests otherwise. Parse the descriptors, validate
1799 * them, and annotate them as having purpose <b>purpose</b> and as having been
1800 * downloaded from <b>source</b>.
1802 * Return the number of routers actually added. */
1804 load_downloaded_routers(const char *body
, smartlist_t
*which
,
1805 int descriptor_digests
,
1810 char time_buf
[ISO_TIME_LEN
+1];
1812 int general
= router_purpose
== ROUTER_PURPOSE_GENERAL
;
1813 format_iso_time(time_buf
, time(NULL
));
1816 if (tor_snprintf(buf
, sizeof(buf
),
1817 "@downloaded-at %s\n"
1819 "%s%s%s", time_buf
, escaped(source
),
1820 !general
? "@purpose " : "",
1821 !general
? router_purpose_to_string(router_purpose
) : "",
1822 !general
? "\n" : "")<0)
1825 added
= router_load_routers_from_string(body
, NULL
, SAVED_NOWHERE
, which
,
1826 descriptor_digests
, buf
);
1827 if (added
&& general
)
1828 control_event_boot_dir(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS
,
1829 count_loading_descriptors_progress());
1833 static int handle_response_fetch_certificate(dir_connection_t
*,
1834 const response_handler_args_t
*);
1835 static int handle_response_fetch_status_vote(dir_connection_t
*,
1836 const response_handler_args_t
*);
1837 static int handle_response_fetch_detached_signatures(dir_connection_t
*,
1838 const response_handler_args_t
*);
1839 static int handle_response_fetch_desc(dir_connection_t
*,
1840 const response_handler_args_t
*);
1841 static int handle_response_upload_dir(dir_connection_t
*,
1842 const response_handler_args_t
*);
1843 static int handle_response_upload_vote(dir_connection_t
*,
1844 const response_handler_args_t
*);
1845 static int handle_response_upload_signatures(dir_connection_t
*,
1846 const response_handler_args_t
*);
1847 static int handle_response_fetch_renddesc_v2(dir_connection_t
*,
1848 const response_handler_args_t
*);
1849 static int handle_response_upload_renddesc_v2(dir_connection_t
*,
1850 const response_handler_args_t
*);
1851 static int handle_response_upload_hsdesc(dir_connection_t
*,
1852 const response_handler_args_t
*);
1855 dir_client_decompress_response_body(char **bodyp
, size_t *bodylenp
,
1856 dir_connection_t
*conn
,
1857 compress_method_t compression
,
1858 int anonymized_connection
)
1861 const char *body
= *bodyp
;
1862 size_t body_len
= *bodylenp
;
1863 int allow_partial
= (conn
->base_
.purpose
== DIR_PURPOSE_FETCH_SERVERDESC
||
1864 conn
->base_
.purpose
== DIR_PURPOSE_FETCH_EXTRAINFO
||
1865 conn
->base_
.purpose
== DIR_PURPOSE_FETCH_MICRODESC
);
1867 int plausible
= body_is_plausible(body
, body_len
, conn
->base_
.purpose
);
1869 if (plausible
&& compression
== NO_METHOD
) {
1873 int severity
= LOG_DEBUG
;
1874 char *new_body
= NULL
;
1876 const char *description1
, *description2
;
1877 int want_to_try_both
= 0;
1879 compress_method_t guessed
= detect_compression_method(body
, body_len
);
1881 description1
= compression_method_get_human_name(compression
);
1883 if (BUG(description1
== NULL
))
1884 description1
= compression_method_get_human_name(UNKNOWN_METHOD
);
1886 if (guessed
== UNKNOWN_METHOD
&& !plausible
)
1887 description2
= "confusing binary junk";
1889 description2
= compression_method_get_human_name(guessed
);
1891 /* Tell the user if we don't believe what we're told about compression.*/
1892 want_to_try_both
= (compression
== UNKNOWN_METHOD
||
1893 guessed
!= compression
);
1894 if (want_to_try_both
) {
1895 severity
= LOG_PROTOCOL_WARN
;
1898 tor_log(severity
, LD_HTTP
,
1899 "HTTP body from server '%s:%d' was labeled as %s, "
1900 "%s it seems to be %s.%s",
1901 conn
->base_
.address
, conn
->base_
.port
, description1
,
1902 guessed
!= compression
?"but":"and",
1904 (compression
>0 && guessed
>0 && want_to_try_both
)?
1905 " Trying both.":"");
1907 /* Try declared compression first if we can.
1908 * tor_compress_supports_method() also returns true for NO_METHOD.
1909 * Ensure that the server is not sending us data compressed using a
1910 * compression method that is not allowed for anonymous connections. */
1911 if (anonymized_connection
&&
1912 ! allowed_anonymous_connection_compression_method(compression
)) {
1913 warn_disallowed_anonymous_compression_method(compression
);
1918 if (tor_compress_supports_method(compression
)) {
1919 tor_uncompress(&new_body
, &new_len
, body
, body_len
, compression
,
1920 !allow_partial
, LOG_PROTOCOL_WARN
);
1922 /* We succeeded with the declared compression method. Great! */
1928 /* Okay, if that didn't work, and we think that it was compressed
1929 * differently, try that. */
1930 if (anonymized_connection
&&
1931 ! allowed_anonymous_connection_compression_method(guessed
)) {
1932 warn_disallowed_anonymous_compression_method(guessed
);
1937 if (tor_compress_supports_method(guessed
) &&
1938 compression
!= guessed
) {
1939 tor_uncompress(&new_body
, &new_len
, body
, body_len
, guessed
,
1940 !allow_partial
, LOG_INFO
);
1943 /* If we're pretty sure that we have a compressed directory, and
1944 * we didn't manage to uncompress it, then warn and bail. */
1945 if (!plausible
&& !new_body
) {
1946 log_fn(LOG_PROTOCOL_WARN
, LD_HTTP
,
1947 "Unable to decompress HTTP body (tried %s%s%s, server '%s:%d').",
1949 tried_both
?" and ":"",
1950 tried_both
?description2
:"",
1951 conn
->base_
.address
, conn
->base_
.port
);
1962 *bodylenp
= new_len
;
1971 /** We are a client, and we've finished reading the server's
1972 * response. Parse it and act appropriately.
1974 * If we're still happy with using this directory server in the future, return
1975 * 0. Otherwise return -1; and the caller should consider trying the request
1978 * The caller will take care of marking the connection for close.
1981 connection_dir_client_reached_eof(dir_connection_t
*conn
)
1984 char *headers
= NULL
;
1985 char *reason
= NULL
;
1986 size_t body_len
= 0;
1988 time_t date_header
= 0;
1990 compress_method_t compression
;
1993 int allow_partial
= (conn
->base_
.purpose
== DIR_PURPOSE_FETCH_SERVERDESC
||
1994 conn
->base_
.purpose
== DIR_PURPOSE_FETCH_EXTRAINFO
||
1995 conn
->base_
.purpose
== DIR_PURPOSE_FETCH_MICRODESC
);
1996 size_t received_bytes
;
1997 const int anonymized_connection
=
1998 purpose_needs_anonymity(conn
->base_
.purpose
,
1999 conn
->router_purpose
,
2000 conn
->requested_resource
);
2002 received_bytes
= connection_get_inbuf_len(TO_CONN(conn
));
2004 switch (connection_fetch_from_buf_http(TO_CONN(conn
),
2005 &headers
, MAX_HEADERS_SIZE
,
2006 &body
, &body_len
, MAX_DIR_DL_SIZE
,
2008 case -1: /* overflow */
2009 log_warn(LD_PROTOCOL
,
2010 "'fetch' response too large (server '%s:%d'). Closing.",
2011 conn
->base_
.address
, conn
->base_
.port
);
2015 "'fetch' response not all here, but we're at eof. Closing.");
2017 /* case 1, fall through */
2020 if (parse_http_response(headers
, &status_code
, &date_header
,
2021 &compression
, &reason
) < 0) {
2022 log_warn(LD_HTTP
,"Unparseable headers (server '%s:%d'). Closing.",
2023 conn
->base_
.address
, conn
->base_
.port
);
2028 if (!reason
) reason
= tor_strdup("[no reason given]");
2030 tor_log(LOG_DEBUG
, LD_DIR
,
2031 "Received response from directory server '%s:%d': %d %s "
2032 "(purpose: %d, response size: %"TOR_PRIuSZ
2033 #ifdef MEASUREMENTS_21206
2034 ", data cells received: %d, data cells sent: %d"
2036 ", compression: %d)",
2037 conn
->base_
.address
, conn
->base_
.port
, status_code
,
2038 escaped(reason
), conn
->base_
.purpose
,
2040 #ifdef MEASUREMENTS_21206
2041 conn
->data_cells_received
, conn
->data_cells_sent
,
2045 if (conn
->guard_state
) {
2046 /* we count the connection as successful once we can read from it. We do
2047 * not, however, delay use of the circuit here, since it's just for a
2048 * one-hop directory request. */
2049 /* XXXXprop271 note that this will not do the right thing for other
2050 * waiting circuits that would be triggered by this circuit becoming
2051 * complete/usable. But that's ok, I think.
2053 entry_guard_succeeded(&conn
->guard_state
);
2054 circuit_guard_state_free(conn
->guard_state
);
2055 conn
->guard_state
= NULL
;
2058 /* now check if it's got any hints for us about our IP address. */
2059 if (conn
->dirconn_direct
) {
2060 char *guess
= http_get_header(headers
, X_ADDRESS_HEADER
);
2062 router_new_address_suggestion(guess
, conn
);
2067 if (date_header
> 0) {
2068 /* The date header was written very soon after we sent our request,
2069 * so compute the skew as the difference between sending the request
2070 * and the date header. (We used to check now-date_header, but that's
2071 * inaccurate if we spend a lot of time downloading.)
2073 apparent_skew
= conn
->base_
.timestamp_last_write_allowed
- date_header
;
2074 if (labs(apparent_skew
)>ALLOW_DIRECTORY_TIME_SKEW
) {
2075 int trusted
= router_digest_is_trusted_dir(conn
->identity_digest
);
2076 clock_skew_warning(TO_CONN(conn
), apparent_skew
, trusted
, LD_HTTP
,
2077 "directory", "DIRSERV");
2078 skewed
= 1; /* don't check the recommended-versions line */
2080 log_debug(LD_HTTP
, "Time on received directory is within tolerance; "
2081 "we are %ld seconds skewed. (That's okay.)", apparent_skew
);
2084 (void) skewed
; /* skewed isn't used yet. */
2086 if (status_code
== 503) {
2089 const char *id_digest
= conn
->identity_digest
;
2090 log_info(LD_DIR
,"Received http status code %d (%s) from server "
2091 "'%s:%d'. I'll try again soon.",
2092 status_code
, escaped(reason
), conn
->base_
.address
,
2094 time_t now
= approx_time();
2095 if ((rs
= router_get_mutable_consensus_status_by_id(id_digest
)))
2096 rs
->last_dir_503_at
= now
;
2097 if ((ds
= router_get_fallback_dirserver_by_digest(id_digest
)))
2098 ds
->fake_status
.last_dir_503_at
= now
;
2104 if (dir_client_decompress_response_body(&body
, &body_len
,
2105 conn
, compression
, anonymized_connection
) < 0) {
2110 response_handler_args_t args
;
2111 memset(&args
, 0, sizeof(args
));
2112 args
.status_code
= status_code
;
2113 args
.reason
= reason
;
2115 args
.body_len
= body_len
;
2116 args
.headers
= headers
;
2118 switch (conn
->base_
.purpose
) {
2119 case DIR_PURPOSE_FETCH_CONSENSUS
:
2120 rv
= handle_response_fetch_consensus(conn
, &args
);
2122 case DIR_PURPOSE_FETCH_CERTIFICATE
:
2123 rv
= handle_response_fetch_certificate(conn
, &args
);
2125 case DIR_PURPOSE_FETCH_STATUS_VOTE
:
2126 rv
= handle_response_fetch_status_vote(conn
, &args
);
2128 case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES
:
2129 rv
= handle_response_fetch_detached_signatures(conn
, &args
);
2131 case DIR_PURPOSE_FETCH_SERVERDESC
:
2132 case DIR_PURPOSE_FETCH_EXTRAINFO
:
2133 rv
= handle_response_fetch_desc(conn
, &args
);
2135 case DIR_PURPOSE_FETCH_MICRODESC
:
2136 rv
= handle_response_fetch_microdesc(conn
, &args
);
2138 case DIR_PURPOSE_FETCH_RENDDESC_V2
:
2139 rv
= handle_response_fetch_renddesc_v2(conn
, &args
);
2141 case DIR_PURPOSE_UPLOAD_DIR
:
2142 rv
= handle_response_upload_dir(conn
, &args
);
2144 case DIR_PURPOSE_UPLOAD_SIGNATURES
:
2145 rv
= handle_response_upload_signatures(conn
, &args
);
2147 case DIR_PURPOSE_UPLOAD_VOTE
:
2148 rv
= handle_response_upload_vote(conn
, &args
);
2150 case DIR_PURPOSE_UPLOAD_RENDDESC_V2
:
2151 rv
= handle_response_upload_renddesc_v2(conn
, &args
);
2153 case DIR_PURPOSE_UPLOAD_HSDESC
:
2154 rv
= handle_response_upload_hsdesc(conn
, &args
);
2156 case DIR_PURPOSE_FETCH_HSDESC
:
2157 rv
= handle_response_fetch_hsdesc_v3(conn
, &args
);
2160 tor_assert_nonfatal_unreached();
2173 * Handler function: processes a response to a request for a networkstatus
2174 * consensus document by checking the consensus, storing it, and marking
2175 * router requests as reachable.
2178 handle_response_fetch_consensus(dir_connection_t
*conn
,
2179 const response_handler_args_t
*args
)
2181 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_FETCH_CONSENSUS
);
2182 const int status_code
= args
->status_code
;
2183 const char *body
= args
->body
;
2184 const size_t body_len
= args
->body_len
;
2185 const char *reason
= args
->reason
;
2186 const time_t now
= approx_time();
2188 const char *consensus
;
2189 char *new_consensus
= NULL
;
2190 const char *sourcename
;
2193 const char *flavname
= conn
->requested_resource
;
2194 if (status_code
!= 200) {
2195 int severity
= (status_code
== 304) ? LOG_INFO
: LOG_WARN
;
2196 tor_log(severity
, LD_DIR
,
2197 "Received http status code %d (%s) from server "
2198 "'%s:%d' while fetching consensus directory.",
2199 status_code
, escaped(reason
), conn
->base_
.address
,
2201 networkstatus_consensus_download_failed(status_code
, flavname
);
2205 if (looks_like_a_consensus_diff(body
, body_len
)) {
2206 /* First find our previous consensus. Maybe it's in ram, maybe not. */
2207 cached_dir_t
*cd
= dirserv_get_consensus(flavname
);
2208 const char *consensus_body
= NULL
;
2209 size_t consensus_body_len
;
2210 tor_mmap_t
*mapped_consensus
= NULL
;
2212 consensus_body
= cd
->dir
;
2213 consensus_body_len
= cd
->dir_len
;
2215 mapped_consensus
= networkstatus_map_cached_consensus(flavname
);
2216 if (mapped_consensus
) {
2217 consensus_body
= mapped_consensus
->data
;
2218 consensus_body_len
= mapped_consensus
->size
;
2221 if (!consensus_body
) {
2222 log_warn(LD_DIR
, "Received a consensus diff, but we can't find "
2223 "any %s-flavored consensus in our current cache.",flavname
);
2224 tor_munmap_file(mapped_consensus
);
2225 networkstatus_consensus_download_failed(0, flavname
);
2226 // XXXX if this happens too much, see below
2230 new_consensus
= consensus_diff_apply(consensus_body
, consensus_body_len
,
2232 tor_munmap_file(mapped_consensus
);
2233 if (new_consensus
== NULL
) {
2234 log_warn(LD_DIR
, "Could not apply consensus diff received from server "
2235 "'%s:%d'", conn
->base_
.address
, conn
->base_
.port
);
2236 // XXXX If this happens too many times, we should maybe not use
2237 // XXXX this directory for diffs any more?
2238 networkstatus_consensus_download_failed(0, flavname
);
2241 log_info(LD_DIR
, "Applied consensus diff (size %d) from server "
2242 "'%s:%d', resulting in a new consensus document (size %d).",
2243 (int)body_len
, conn
->base_
.address
, conn
->base_
.port
,
2244 (int)strlen(new_consensus
));
2245 consensus
= new_consensus
;
2246 sourcename
= "generated based on a diff";
2248 log_info(LD_DIR
,"Received consensus directory (body size %d) from server "
2249 "'%s:%d'", (int)body_len
, conn
->base_
.address
, conn
->base_
.port
);
2251 sourcename
= "downloaded";
2254 if ((r
=networkstatus_set_current_consensus(consensus
,
2257 conn
->identity_digest
))<0) {
2258 log_fn(r
<-1?LOG_WARN
:LOG_INFO
, LD_DIR
,
2259 "Unable to load %s consensus directory %s from "
2260 "server '%s:%d'. I'll try again soon.",
2261 flavname
, sourcename
, conn
->base_
.address
, conn
->base_
.port
);
2262 networkstatus_consensus_download_failed(0, flavname
);
2263 tor_free(new_consensus
);
2267 /* If we launched other fetches for this consensus, cancel them. */
2268 connection_dir_close_consensus_fetches(conn
, flavname
);
2270 /* update the list of routers and directory guards */
2271 routers_update_all_from_networkstatus(now
, 3);
2272 update_microdescs_from_networkstatus(now
);
2273 directory_info_has_arrived(now
, 0, 0);
2275 if (authdir_mode_v3(get_options())) {
2276 sr_act_post_consensus(
2277 networkstatus_get_latest_consensus_by_flavor(FLAV_NS
));
2279 log_info(LD_DIR
, "Successfully loaded consensus.");
2281 tor_free(new_consensus
);
2286 * Handler function: processes a response to a request for one or more
2287 * authority certificates
2290 handle_response_fetch_certificate(dir_connection_t
*conn
,
2291 const response_handler_args_t
*args
)
2293 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_FETCH_CERTIFICATE
);
2294 const int status_code
= args
->status_code
;
2295 const char *reason
= args
->reason
;
2296 const char *body
= args
->body
;
2297 const size_t body_len
= args
->body_len
;
2299 if (status_code
!= 200) {
2301 "Received http status code %d (%s) from server "
2302 "'%s:%d' while fetching \"/tor/keys/%s\".",
2303 status_code
, escaped(reason
), conn
->base_
.address
,
2304 conn
->base_
.port
, conn
->requested_resource
);
2305 connection_dir_download_cert_failed(conn
, status_code
);
2308 log_info(LD_DIR
,"Received authority certificates (body size %d) from "
2310 (int)body_len
, conn
->base_
.address
, conn
->base_
.port
);
2313 * Tell trusted_dirs_load_certs_from_string() whether it was by fp
2317 if (!strcmpstart(conn
->requested_resource
, "fp/")) {
2318 src_code
= TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_DIGEST
;
2319 } else if (!strcmpstart(conn
->requested_resource
, "fp-sk/")) {
2320 src_code
= TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_SK_DIGEST
;
2323 if (src_code
!= -1) {
2324 if (trusted_dirs_load_certs_from_string(body
, src_code
, 1,
2325 conn
->identity_digest
)<0) {
2326 log_warn(LD_DIR
, "Unable to parse fetched certificates");
2327 /* if we fetched more than one and only some failed, the successful
2328 * ones got flushed to disk so it's safe to call this on them */
2329 connection_dir_download_cert_failed(conn
, status_code
);
2331 time_t now
= approx_time();
2332 directory_info_has_arrived(now
, 0, 0);
2333 log_info(LD_DIR
, "Successfully loaded certificates from fetch.");
2337 "Couldn't figure out what to do with fetched certificates for "
2338 "unknown resource %s",
2339 conn
->requested_resource
);
2340 connection_dir_download_cert_failed(conn
, status_code
);
2346 * Handler function: processes a response to a request for an authority's
2347 * current networkstatus vote.
2350 handle_response_fetch_status_vote(dir_connection_t
*conn
,
2351 const response_handler_args_t
*args
)
2353 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_FETCH_STATUS_VOTE
);
2354 const int status_code
= args
->status_code
;
2355 const char *reason
= args
->reason
;
2356 const char *body
= args
->body
;
2357 const size_t body_len
= args
->body_len
;
2361 log_info(LD_DIR
,"Got votes (body size %d) from server %s:%d",
2362 (int)body_len
, conn
->base_
.address
, conn
->base_
.port
);
2363 if (status_code
!= 200) {
2365 "Received http status code %d (%s) from server "
2366 "'%s:%d' while fetching \"/tor/status-vote/next/%s.z\".",
2367 status_code
, escaped(reason
), conn
->base_
.address
,
2368 conn
->base_
.port
, conn
->requested_resource
);
2371 dirvote_add_vote(body
, &msg
, &st
);
2373 log_warn(LD_DIR
, "Error adding retrieved vote: %s", msg
);
2375 log_info(LD_DIR
, "Added vote(s) successfully [msg: %s]", msg
);
2382 * Handler function: processes a response to a request for the signatures
2383 * that an authority knows about on a given consensus.
2386 handle_response_fetch_detached_signatures(dir_connection_t
*conn
,
2387 const response_handler_args_t
*args
)
2389 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_FETCH_DETACHED_SIGNATURES
);
2390 const int status_code
= args
->status_code
;
2391 const char *reason
= args
->reason
;
2392 const char *body
= args
->body
;
2393 const size_t body_len
= args
->body_len
;
2395 const char *msg
= NULL
;
2396 log_info(LD_DIR
,"Got detached signatures (body size %d) from server %s:%d",
2397 (int)body_len
, conn
->base_
.address
, conn
->base_
.port
);
2398 if (status_code
!= 200) {
2400 "Received http status code %d (%s) from server '%s:%d' while fetching "
2401 "\"/tor/status-vote/next/consensus-signatures.z\".",
2402 status_code
, escaped(reason
), conn
->base_
.address
,
2406 if (dirvote_add_signatures(body
, conn
->base_
.address
, &msg
)<0) {
2407 log_warn(LD_DIR
, "Problem adding detached signatures from %s:%d: %s",
2408 conn
->base_
.address
, conn
->base_
.port
, msg
?msg
:"???");
2415 * Handler function: processes a response to a request for a group of server
2416 * descriptors or an extrainfo documents.
2419 handle_response_fetch_desc(dir_connection_t
*conn
,
2420 const response_handler_args_t
*args
)
2422 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_FETCH_SERVERDESC
||
2423 conn
->base_
.purpose
== DIR_PURPOSE_FETCH_EXTRAINFO
);
2424 const int status_code
= args
->status_code
;
2425 const char *reason
= args
->reason
;
2426 const char *body
= args
->body
;
2427 const size_t body_len
= args
->body_len
;
2429 int was_ei
= conn
->base_
.purpose
== DIR_PURPOSE_FETCH_EXTRAINFO
;
2430 smartlist_t
*which
= NULL
;
2431 int n_asked_for
= 0;
2432 int descriptor_digests
= conn
->requested_resource
&&
2433 !strcmpstart(conn
->requested_resource
,"d/");
2434 log_info(LD_DIR
,"Received %s (body size %d) from server '%s:%d'",
2435 was_ei
? "extra server info" : "server info",
2436 (int)body_len
, conn
->base_
.address
, conn
->base_
.port
);
2437 if (conn
->requested_resource
&&
2438 (!strcmpstart(conn
->requested_resource
,"d/") ||
2439 !strcmpstart(conn
->requested_resource
,"fp/"))) {
2440 which
= smartlist_new();
2441 dir_split_resource_into_fingerprints(conn
->requested_resource
+
2442 (descriptor_digests
? 2 : 3),
2444 n_asked_for
= smartlist_len(which
);
2446 if (status_code
!= 200) {
2447 int dir_okay
= status_code
== 404 ||
2448 (status_code
== 400 && !strcmp(reason
, "Servers unavailable."));
2449 /* 404 means that it didn't have them; no big deal.
2450 * Older (pre-0.1.1.8) servers said 400 Servers unavailable instead. */
2451 log_fn(dir_okay
? LOG_INFO
: LOG_WARN
, LD_DIR
,
2452 "Received http status code %d (%s) from server '%s:%d' "
2453 "while fetching \"/tor/server/%s\". I'll try again soon.",
2454 status_code
, escaped(reason
), conn
->base_
.address
,
2455 conn
->base_
.port
, conn
->requested_resource
);
2457 connection_dir_download_routerdesc_failed(conn
);
2459 dir_routerdesc_download_failed(which
, status_code
,
2460 conn
->router_purpose
,
2461 was_ei
, descriptor_digests
);
2462 SMARTLIST_FOREACH(which
, char *, cp
, tor_free(cp
));
2463 smartlist_free(which
);
2465 return dir_okay
? 0 : -1;
2467 /* Learn the routers, assuming we requested by fingerprint or "all"
2470 * We use "authority" to fetch our own descriptor for
2471 * testing, and to fetch bridge descriptors for bootstrapping. Ignore
2472 * the output of "authority" requests unless we are using bridges,
2473 * since otherwise they'll be the response from reachability tests,
2474 * and we don't really want to add that to our routerlist. */
2475 if (which
|| (conn
->requested_resource
&&
2476 (!strcmpstart(conn
->requested_resource
, "all") ||
2477 (!strcmpstart(conn
->requested_resource
, "authority") &&
2478 get_options()->UseBridges
)))) {
2479 /* as we learn from them, we remove them from 'which' */
2481 router_load_extrainfo_from_string(body
, NULL
, SAVED_NOWHERE
, which
,
2482 descriptor_digests
);
2484 //router_load_routers_from_string(body, NULL, SAVED_NOWHERE, which,
2485 // descriptor_digests, conn->router_purpose);
2486 if (load_downloaded_routers(body
, which
, descriptor_digests
,
2487 conn
->router_purpose
,
2488 conn
->base_
.address
)) {
2489 time_t now
= approx_time();
2490 directory_info_has_arrived(now
, 0, 1);
2494 if (which
) { /* mark remaining ones as failed */
2495 log_info(LD_DIR
, "Received %d/%d %s requested from %s:%d",
2496 n_asked_for
-smartlist_len(which
), n_asked_for
,
2497 was_ei
? "extra-info documents" : "router descriptors",
2498 conn
->base_
.address
, (int)conn
->base_
.port
);
2499 if (smartlist_len(which
)) {
2500 dir_routerdesc_download_failed(which
, status_code
,
2501 conn
->router_purpose
,
2502 was_ei
, descriptor_digests
);
2504 SMARTLIST_FOREACH(which
, char *, cp
, tor_free(cp
));
2505 smartlist_free(which
);
2507 if (directory_conn_is_self_reachability_test(conn
))
2508 router_dirport_found_reachable();
2514 * Handler function: processes a response to a request for a group of
2518 handle_response_fetch_microdesc(dir_connection_t
*conn
,
2519 const response_handler_args_t
*args
)
2521 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_FETCH_MICRODESC
);
2522 const int status_code
= args
->status_code
;
2523 const char *reason
= args
->reason
;
2524 const char *body
= args
->body
;
2525 const size_t body_len
= args
->body_len
;
2527 smartlist_t
*which
= NULL
;
2528 log_info(LD_DIR
,"Received answer to microdescriptor request (status %d, "
2529 "body size %d) from server '%s:%d'",
2530 status_code
, (int)body_len
, conn
->base_
.address
,
2532 tor_assert(conn
->requested_resource
&&
2533 !strcmpstart(conn
->requested_resource
, "d/"));
2534 tor_assert_nonfatal(!tor_mem_is_zero(conn
->identity_digest
, DIGEST_LEN
));
2535 which
= smartlist_new();
2536 dir_split_resource_into_fingerprints(conn
->requested_resource
+2,
2538 DSR_DIGEST256
|DSR_BASE64
);
2539 if (status_code
!= 200) {
2540 log_info(LD_DIR
, "Received status code %d (%s) from server "
2541 "'%s:%d' while fetching \"/tor/micro/%s\". I'll try again "
2543 status_code
, escaped(reason
), conn
->base_
.address
,
2544 (int)conn
->base_
.port
, conn
->requested_resource
);
2545 dir_microdesc_download_failed(which
, status_code
, conn
->identity_digest
);
2546 SMARTLIST_FOREACH(which
, char *, cp
, tor_free(cp
));
2547 smartlist_free(which
);
2551 time_t now
= approx_time();
2552 mds
= microdescs_add_to_cache(get_microdesc_cache(),
2553 body
, body
+body_len
, SAVED_NOWHERE
, 0,
2555 if (smartlist_len(which
)) {
2556 /* Mark remaining ones as failed. */
2557 dir_microdesc_download_failed(which
, status_code
, conn
->identity_digest
);
2559 if (mds
&& smartlist_len(mds
)) {
2560 control_event_boot_dir(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS
,
2561 count_loading_descriptors_progress());
2562 directory_info_has_arrived(now
, 0, 1);
2564 SMARTLIST_FOREACH(which
, char *, cp
, tor_free(cp
));
2565 smartlist_free(which
);
2566 smartlist_free(mds
);
2573 * Handler function: processes a response to a POST request to upload our
2574 * router descriptor.
2577 handle_response_upload_dir(dir_connection_t
*conn
,
2578 const response_handler_args_t
*args
)
2580 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_UPLOAD_DIR
);
2581 const int status_code
= args
->status_code
;
2582 const char *reason
= args
->reason
;
2583 const char *headers
= args
->headers
;
2585 switch (status_code
) {
2588 router_get_trusteddirserver_by_digest(conn
->identity_digest
);
2589 char *rejected_hdr
= http_get_header(headers
,
2590 "X-Descriptor-Not-New: ");
2592 if (!strcmp(rejected_hdr
, "Yes")) {
2593 log_info(LD_GENERAL
,
2594 "Authority '%s' declined our descriptor (not new)",
2596 /* XXXX use this information; be sure to upload next one
2598 /* XXXX++ On further thought, the task above implies that we're
2599 * basing our regenerate-descriptor time on when we uploaded the
2600 * last descriptor, not on the published time of the last
2601 * descriptor. If those are different, that's a bad thing to
2604 tor_free(rejected_hdr
);
2606 log_info(LD_GENERAL
,"eof (status 200) after uploading server "
2607 "descriptor: finished.");
2608 control_event_server_status(
2609 LOG_NOTICE
, "ACCEPTED_SERVER_DESCRIPTOR DIRAUTH=%s:%d",
2610 conn
->base_
.address
, conn
->base_
.port
);
2612 ds
->has_accepted_serverdesc
= 1;
2613 if (directories_have_accepted_server_descriptor())
2614 control_event_server_status(LOG_NOTICE
, "GOOD_SERVER_DESCRIPTOR");
2618 log_warn(LD_GENERAL
,"http status 400 (%s) response from "
2619 "dirserver '%s:%d'. Please correct.",
2620 escaped(reason
), conn
->base_
.address
, conn
->base_
.port
);
2621 control_event_server_status(LOG_WARN
,
2622 "BAD_SERVER_DESCRIPTOR DIRAUTH=%s:%d REASON=\"%s\"",
2623 conn
->base_
.address
, conn
->base_
.port
, escaped(reason
));
2626 log_warn(LD_GENERAL
,
2627 "HTTP status %d (%s) was unexpected while uploading "
2628 "descriptor to server '%s:%d'. Possibly the server is "
2630 status_code
, escaped(reason
), conn
->base_
.address
,
2634 /* return 0 in all cases, since we don't want to mark any
2635 * dirservers down just because they don't like us. */
2641 * Handler function: processes a response to POST request to upload our
2642 * own networkstatus vote.
2645 handle_response_upload_vote(dir_connection_t
*conn
,
2646 const response_handler_args_t
*args
)
2648 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_UPLOAD_VOTE
);
2649 const int status_code
= args
->status_code
;
2650 const char *reason
= args
->reason
;
2652 switch (status_code
) {
2654 log_notice(LD_DIR
,"Uploaded a vote to dirserver %s:%d",
2655 conn
->base_
.address
, conn
->base_
.port
);
2659 log_warn(LD_DIR
,"http status 400 (%s) response after uploading "
2660 "vote to dirserver '%s:%d'. Please correct.",
2661 escaped(reason
), conn
->base_
.address
, conn
->base_
.port
);
2664 log_warn(LD_GENERAL
,
2665 "HTTP status %d (%s) was unexpected while uploading "
2666 "vote to server '%s:%d'.",
2667 status_code
, escaped(reason
), conn
->base_
.address
,
2671 /* return 0 in all cases, since we don't want to mark any
2672 * dirservers down just because they don't like us. */
2677 * Handler function: processes a response to POST request to upload our
2678 * view of the signatures on the current consensus.
2681 handle_response_upload_signatures(dir_connection_t
*conn
,
2682 const response_handler_args_t
*args
)
2684 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_UPLOAD_SIGNATURES
);
2685 const int status_code
= args
->status_code
;
2686 const char *reason
= args
->reason
;
2688 switch (status_code
) {
2690 log_notice(LD_DIR
,"Uploaded signature(s) to dirserver %s:%d",
2691 conn
->base_
.address
, conn
->base_
.port
);
2695 log_warn(LD_DIR
,"http status 400 (%s) response after uploading "
2696 "signatures to dirserver '%s:%d'. Please correct.",
2697 escaped(reason
), conn
->base_
.address
, conn
->base_
.port
);
2700 log_warn(LD_GENERAL
,
2701 "HTTP status %d (%s) was unexpected while uploading "
2702 "signatures to server '%s:%d'.",
2703 status_code
, escaped(reason
), conn
->base_
.address
,
2707 /* return 0 in all cases, since we don't want to mark any
2708 * dirservers down just because they don't like us. */
2714 * Handler function: processes a response to a request for a v3 hidden service
2718 handle_response_fetch_hsdesc_v3(dir_connection_t
*conn
,
2719 const response_handler_args_t
*args
)
2721 const int status_code
= args
->status_code
;
2722 const char *reason
= args
->reason
;
2723 const char *body
= args
->body
;
2724 const size_t body_len
= args
->body_len
;
2726 tor_assert(conn
->hs_ident
);
2728 log_info(LD_REND
,"Received v3 hsdesc (body size %d, status %d (%s))",
2729 (int)body_len
, status_code
, escaped(reason
));
2731 switch (status_code
) {
2733 /* We got something: Try storing it in the cache. */
2734 if (hs_cache_store_as_client(body
, &conn
->hs_ident
->identity_pk
) < 0) {
2735 log_info(LD_REND
, "Failed to store hidden service descriptor");
2736 /* Fire control port FAILED event. */
2737 hs_control_desc_event_failed(conn
->hs_ident
, conn
->identity_digest
,
2739 hs_control_desc_event_content(conn
->hs_ident
, conn
->identity_digest
,
2742 log_info(LD_REND
, "Stored hidden service descriptor successfully.");
2743 TO_CONN(conn
)->purpose
= DIR_PURPOSE_HAS_FETCHED_HSDESC
;
2744 hs_client_desc_has_arrived(conn
->hs_ident
);
2745 /* Fire control port RECEIVED event. */
2746 hs_control_desc_event_received(conn
->hs_ident
, conn
->identity_digest
);
2747 hs_control_desc_event_content(conn
->hs_ident
, conn
->identity_digest
,
2752 /* Not there. We'll retry when connection_about_to_close_connection()
2753 * tries to clean this conn up. */
2754 log_info(LD_REND
, "Fetching hidden service v3 descriptor not found: "
2755 "Retrying at another directory.");
2756 /* Fire control port FAILED event. */
2757 hs_control_desc_event_failed(conn
->hs_ident
, conn
->identity_digest
,
2759 hs_control_desc_event_content(conn
->hs_ident
, conn
->identity_digest
,
2763 log_warn(LD_REND
, "Fetching v3 hidden service descriptor failed: "
2764 "http status 400 (%s). Dirserver didn't like our "
2765 "query? Retrying at another directory.",
2767 /* Fire control port FAILED event. */
2768 hs_control_desc_event_failed(conn
->hs_ident
, conn
->identity_digest
,
2770 hs_control_desc_event_content(conn
->hs_ident
, conn
->identity_digest
,
2774 log_warn(LD_REND
, "Fetching v3 hidden service descriptor failed: "
2775 "http status %d (%s) response unexpected from HSDir server "
2776 "'%s:%d'. Retrying at another directory.",
2777 status_code
, escaped(reason
), TO_CONN(conn
)->address
,
2778 TO_CONN(conn
)->port
);
2779 /* Fire control port FAILED event. */
2780 hs_control_desc_event_failed(conn
->hs_ident
, conn
->identity_digest
,
2782 hs_control_desc_event_content(conn
->hs_ident
, conn
->identity_digest
,
2791 * Handler function: processes a response to a request for a v2 hidden service
2795 handle_response_fetch_renddesc_v2(dir_connection_t
*conn
,
2796 const response_handler_args_t
*args
)
2798 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_FETCH_RENDDESC_V2
);
2799 const int status_code
= args
->status_code
;
2800 const char *reason
= args
->reason
;
2801 const char *body
= args
->body
;
2802 const size_t body_len
= args
->body_len
;
2804 #define SEND_HS_DESC_FAILED_EVENT(reason) \
2805 (control_event_hsv2_descriptor_failed(conn->rend_data, \
2806 conn->identity_digest, \
2808 #define SEND_HS_DESC_FAILED_CONTENT() \
2809 (control_event_hs_descriptor_content( \
2810 rend_data_get_address(conn->rend_data), \
2811 conn->requested_resource, \
2812 conn->identity_digest, \
2815 tor_assert(conn
->rend_data
);
2816 log_info(LD_REND
,"Received rendezvous descriptor (body size %d, status %d "
2818 (int)body_len
, status_code
, escaped(reason
));
2819 switch (status_code
) {
2822 rend_cache_entry_t
*entry
= NULL
;
2824 if (rend_cache_store_v2_desc_as_client(body
,
2825 conn
->requested_resource
,
2826 conn
->rend_data
, &entry
) < 0) {
2827 log_warn(LD_REND
,"Fetching v2 rendezvous descriptor failed. "
2828 "Retrying at another directory.");
2829 /* We'll retry when connection_about_to_close_connection()
2830 * cleans this dir conn up. */
2831 SEND_HS_DESC_FAILED_EVENT("BAD_DESC");
2832 SEND_HS_DESC_FAILED_CONTENT();
2834 char service_id
[REND_SERVICE_ID_LEN_BASE32
+ 1];
2835 /* Should never be NULL here if we found the descriptor. */
2837 rend_get_service_id(entry
->parsed
->pk
, service_id
);
2839 /* success. notify pending connections about this. */
2840 log_info(LD_REND
, "Successfully fetched v2 rendezvous "
2842 control_event_hsv2_descriptor_received(service_id
,
2844 conn
->identity_digest
);
2845 control_event_hs_descriptor_content(service_id
,
2846 conn
->requested_resource
,
2847 conn
->identity_digest
,
2849 conn
->base_
.purpose
= DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2
;
2850 rend_client_desc_trynow(service_id
);
2851 memwipe(service_id
, 0, sizeof(service_id
));
2856 /* Not there. We'll retry when
2857 * connection_about_to_close_connection() cleans this conn up. */
2858 log_info(LD_REND
,"Fetching v2 rendezvous descriptor failed: "
2859 "Retrying at another directory.");
2860 SEND_HS_DESC_FAILED_EVENT("NOT_FOUND");
2861 SEND_HS_DESC_FAILED_CONTENT();
2864 log_warn(LD_REND
, "Fetching v2 rendezvous descriptor failed: "
2865 "http status 400 (%s). Dirserver didn't like our "
2866 "v2 rendezvous query? Retrying at another directory.",
2868 SEND_HS_DESC_FAILED_EVENT("QUERY_REJECTED");
2869 SEND_HS_DESC_FAILED_CONTENT();
2872 log_warn(LD_REND
, "Fetching v2 rendezvous descriptor failed: "
2873 "http status %d (%s) response unexpected while "
2874 "fetching v2 hidden service descriptor (server '%s:%d'). "
2875 "Retrying at another directory.",
2876 status_code
, escaped(reason
), conn
->base_
.address
,
2878 SEND_HS_DESC_FAILED_EVENT("UNEXPECTED");
2879 SEND_HS_DESC_FAILED_CONTENT();
2887 * Handler function: processes a response to a POST request to upload a v2
2888 * hidden service descriptor.
2891 handle_response_upload_renddesc_v2(dir_connection_t
*conn
,
2892 const response_handler_args_t
*args
)
2894 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_UPLOAD_RENDDESC_V2
);
2895 const int status_code
= args
->status_code
;
2896 const char *reason
= args
->reason
;
2898 #define SEND_HS_DESC_UPLOAD_FAILED_EVENT(reason) \
2899 (control_event_hs_descriptor_upload_failed( \
2900 conn->identity_digest, \
2901 rend_data_get_address(conn->rend_data), \
2904 log_info(LD_REND
,"Uploaded rendezvous descriptor (status %d "
2906 status_code
, escaped(reason
));
2907 /* Without the rend data, we'll have a problem identifying what has been
2908 * uploaded for which service. */
2909 tor_assert(conn
->rend_data
);
2910 switch (status_code
) {
2913 "Uploading rendezvous descriptor: finished with status "
2914 "200 (%s)", escaped(reason
));
2915 control_event_hs_descriptor_uploaded(conn
->identity_digest
,
2916 rend_data_get_address(conn
->rend_data
));
2917 rend_service_desc_has_uploaded(conn
->rend_data
);
2920 log_warn(LD_REND
,"http status 400 (%s) response from dirserver "
2921 "'%s:%d'. Malformed rendezvous descriptor?",
2922 escaped(reason
), conn
->base_
.address
, conn
->base_
.port
);
2923 SEND_HS_DESC_UPLOAD_FAILED_EVENT("UPLOAD_REJECTED");
2926 log_warn(LD_REND
,"http status %d (%s) response unexpected (server "
2928 status_code
, escaped(reason
), conn
->base_
.address
,
2930 SEND_HS_DESC_UPLOAD_FAILED_EVENT("UNEXPECTED");
2938 * Handler function: processes a response to a POST request to upload an
2939 * hidden service descriptor.
2942 handle_response_upload_hsdesc(dir_connection_t
*conn
,
2943 const response_handler_args_t
*args
)
2945 const int status_code
= args
->status_code
;
2946 const char *reason
= args
->reason
;
2949 tor_assert(conn
->base_
.purpose
== DIR_PURPOSE_UPLOAD_HSDESC
);
2951 log_info(LD_REND
, "Uploaded hidden service descriptor (status %d "
2953 status_code
, escaped(reason
));
2954 /* For this directory response, it MUST have an hidden service identifier on
2955 * this connection. */
2956 tor_assert(conn
->hs_ident
);
2957 switch (status_code
) {
2959 log_info(LD_REND
, "Uploading hidden service descriptor: "
2960 "finished with status 200 (%s)", escaped(reason
));
2961 hs_control_desc_event_uploaded(conn
->hs_ident
, conn
->identity_digest
);
2964 log_fn(LOG_PROTOCOL_WARN
, LD_REND
,
2965 "Uploading hidden service descriptor: http "
2966 "status 400 (%s) response from dirserver "
2967 "'%s:%d'. Malformed hidden service descriptor?",
2968 escaped(reason
), conn
->base_
.address
, conn
->base_
.port
);
2969 hs_control_desc_event_failed(conn
->hs_ident
, conn
->identity_digest
,
2973 log_warn(LD_REND
, "Uploading hidden service descriptor: http "
2974 "status %d (%s) response unexpected (server "
2976 status_code
, escaped(reason
), conn
->base_
.address
,
2978 hs_control_desc_event_failed(conn
->hs_ident
, conn
->identity_digest
,
2986 /** Called when a directory connection reaches EOF. */
2988 connection_dir_reached_eof(dir_connection_t
*conn
)
2991 if (conn
->base_
.state
!= DIR_CONN_STATE_CLIENT_READING
) {
2992 log_info(LD_HTTP
,"conn reached eof, not reading. [state=%d] Closing.",
2994 connection_close_immediate(TO_CONN(conn
)); /* error: give up on flushing */
2995 connection_mark_for_close(TO_CONN(conn
));
2999 retval
= connection_dir_client_reached_eof(conn
);
3000 if (retval
== 0) /* success */
3001 conn
->base_
.state
= DIR_CONN_STATE_CLIENT_FINISHED
;
3002 connection_mark_for_close(TO_CONN(conn
));
3005 /** We are closing a dir connection: If <b>dir_conn</b> is a dir connection
3006 * that tried to fetch an HS descriptor, check if it successfully fetched it,
3007 * or if we need to try again. */
3009 connection_dir_client_refetch_hsdesc_if_needed(dir_connection_t
*dir_conn
)
3011 connection_t
*conn
= TO_CONN(dir_conn
);
3013 /* If we were trying to fetch a v2 rend desc and did not succeed, retry as
3014 * needed. (If a fetch is successful, the connection state is changed to
3015 * DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2 or DIR_PURPOSE_HAS_FETCHED_HSDESC to
3016 * mark that refetching is unnecessary.) */
3017 if (conn
->purpose
== DIR_PURPOSE_FETCH_RENDDESC_V2
&&
3018 dir_conn
->rend_data
&&
3019 rend_valid_v2_service_id(
3020 rend_data_get_address(dir_conn
->rend_data
))) {
3021 rend_client_refetch_v2_renddesc(dir_conn
->rend_data
);
3024 /* Check for v3 rend desc fetch */
3025 if (conn
->purpose
== DIR_PURPOSE_FETCH_HSDESC
&&
3026 dir_conn
->hs_ident
&&
3027 !ed25519_public_key_is_zero(&dir_conn
->hs_ident
->identity_pk
)) {
3028 hs_client_refetch_hsdesc(&dir_conn
->hs_ident
->identity_pk
);
3032 /** Array of compression methods to use (if supported) for requesting
3033 * compressed data, ordered from best to worst. */
3034 static compress_method_t client_meth_pref
[] = {
3042 /** Array of allowed compression methods to use (if supported) when receiving a
3043 * response from a request that was required to be anonymous. */
3044 static compress_method_t client_meth_allowed_anonymous_compression
[] = {
3050 /** Return a newly allocated string containing a comma separated list of
3051 * supported encodings. */
3053 accept_encoding_header(void)
3055 smartlist_t
*methods
= smartlist_new();
3056 char *header
= NULL
;
3057 compress_method_t method
;
3060 for (i
= 0; i
< ARRAY_LENGTH(client_meth_pref
); ++i
) {
3061 method
= client_meth_pref
[i
];
3062 if (tor_compress_supports_method(method
))
3063 smartlist_add(methods
, (char *)compression_method_get_name(method
));
3066 header
= smartlist_join_strings(methods
, ", ", 0, NULL
);
3067 smartlist_free(methods
);
3072 /** Check if the given compression method is allowed for a connection that is
3073 * supposed to be anonymous. Returns 1 if the compression method is allowed,
3076 allowed_anonymous_connection_compression_method(compress_method_t method
)
3080 for (u
= 0; u
< ARRAY_LENGTH(client_meth_allowed_anonymous_compression
);
3082 compress_method_t allowed_method
=
3083 client_meth_allowed_anonymous_compression
[u
];
3085 if (! tor_compress_supports_method(allowed_method
))
3088 if (method
== allowed_method
)
3095 /** Log a warning when a remote server has sent us a document using a
3096 * compression method that is not allowed for anonymous directory requests. */
3098 warn_disallowed_anonymous_compression_method(compress_method_t method
)
3100 log_fn(LOG_PROTOCOL_WARN
, LD_HTTP
,
3101 "Received a %s HTTP response, which is not "
3102 "allowed for anonymous directory requests.",
3103 compression_method_get_human_name(method
));
3106 /* We just got a new consensus! If there are other in-progress requests
3107 * for this consensus flavor (for example because we launched several in
3108 * parallel), cancel them.
3110 * We do this check here (not just in
3111 * connection_ap_handshake_attach_circuit()) to handle the edge case where
3112 * a consensus fetch begins and ends before some other one tries to attach to
3113 * a circuit, in which case the other one won't know that we're all happy now.
3115 * Don't mark the conn that just gave us the consensus -- otherwise we
3116 * would end up double-marking it when it cleans itself up.
3119 connection_dir_close_consensus_fetches(dir_connection_t
*except_this_one
,
3120 const char *resource
)
3122 smartlist_t
*conns_to_close
=
3123 connection_dir_list_by_purpose_and_resource(DIR_PURPOSE_FETCH_CONSENSUS
,
3125 SMARTLIST_FOREACH_BEGIN(conns_to_close
, dir_connection_t
*, d
) {
3126 if (d
== except_this_one
)
3128 log_info(LD_DIR
, "Closing consensus fetch (to %s) since one "
3129 "has just arrived.", TO_CONN(d
)->address
);
3130 connection_mark_for_close(TO_CONN(d
));
3131 } SMARTLIST_FOREACH_END(d
);
3132 smartlist_free(conns_to_close
);
3134 /** Called when one or more routerdesc (or extrainfo, if <b>was_extrainfo</b>)
3135 * fetches have failed (with uppercase fingerprints listed in <b>failed</b>,
3136 * either as descriptor digests or as identity digests based on
3137 * <b>was_descriptor_digests</b>).
3140 dir_routerdesc_download_failed(smartlist_t
*failed
, int status_code
,
3142 int was_extrainfo
, int was_descriptor_digests
)
3144 char digest
[DIGEST_LEN
];
3145 time_t now
= time(NULL
);
3146 int server
= directory_fetches_from_authorities(get_options());
3147 if (!was_descriptor_digests
) {
3148 if (router_purpose
== ROUTER_PURPOSE_BRIDGE
) {
3149 tor_assert(!was_extrainfo
);
3150 connection_dir_retry_bridges(failed
);
3152 return; /* FFFF should implement for other-than-router-purpose someday */
3154 SMARTLIST_FOREACH_BEGIN(failed
, const char *, cp
) {
3155 download_status_t
*dls
= NULL
;
3156 if (base16_decode(digest
, DIGEST_LEN
, cp
, strlen(cp
)) != DIGEST_LEN
) {
3157 log_warn(LD_BUG
, "Malformed fingerprint in list: %s", escaped(cp
));
3160 if (was_extrainfo
) {
3161 signed_descriptor_t
*sd
=
3162 router_get_by_extrainfo_digest(digest
);
3164 dls
= &sd
->ei_dl_status
;
3166 dls
= router_get_dl_status_by_descriptor_digest(digest
);
3170 download_status_increment_failure(dls
, status_code
, cp
, server
, now
);
3171 } SMARTLIST_FOREACH_END(cp
);
3173 /* No need to relaunch descriptor downloads here: we already do it
3174 * every 10 or 60 seconds (FOO_DESCRIPTOR_RETRY_INTERVAL) in main.c. */
3177 /** Called when a connection to download microdescriptors from relay with
3178 * <b>dir_id</b> has failed in whole or in part. <b>failed</b> is a list
3179 * of every microdesc digest we didn't get. <b>status_code</b> is the http
3180 * status code we received. Reschedule the microdesc downloads as
3183 dir_microdesc_download_failed(smartlist_t
*failed
,
3184 int status_code
, const char *dir_id
)
3186 networkstatus_t
*consensus
3187 = networkstatus_get_latest_consensus_by_flavor(FLAV_MICRODESC
);
3189 download_status_t
*dls
;
3190 time_t now
= time(NULL
);
3191 int server
= directory_fetches_from_authorities(get_options());
3196 /* We failed to fetch a microdescriptor from 'dir_id', note it down
3197 * so that we don't try the same relay next time... */
3198 microdesc_note_outdated_dirserver(dir_id
);
3200 SMARTLIST_FOREACH_BEGIN(failed
, const char *, d
) {
3201 rs
= router_get_mutable_consensus_status_by_descriptor_digest(consensus
,d
);
3204 dls
= &rs
->dl_status
;
3206 { /* Increment the failure count for this md fetch */
3207 char buf
[BASE64_DIGEST256_LEN
+1];
3208 digest256_to_base64(buf
, d
);
3209 log_info(LD_DIR
, "Failed to download md %s from %s",
3210 buf
, hex_str(dir_id
, DIGEST_LEN
));
3211 download_status_increment_failure(dls
, status_code
, buf
,
3214 } SMARTLIST_FOREACH_END(d
);